Detections
Analytics

Unvalidated DOM redirect

medium Web App Scanning Plugin ID 98103

Language:

Synopsis

Unvalidated DOM redirect

Description

Web applications occasionally use DOM input values to store the address of the page to which the client will be redirected -- for example: `yoursite.com/#/?redirect=www.yoursite.com/404.asp`

An unvalidated redirect occurs when the client is able to modify the affected parameter value and thus control the location of the redirection. For example, the following URL `yoursite.com/#/?redirect=www.anothersite.com` will redirect to `www.anothersite.com`.

Cyber-criminals will abuse these vulnerabilities in social engineering attacks to get users to unknowingly visit malicious web sites.

Scanner has discovered that the web page does not validate the parameter value prior to redirecting the client to the injected value.

Solution

The application should ensure that the supplied value for a redirect is permitted. This can be achieved by performing whitelisting on the parameter value.
The whitelist should contain a list of pages or sites that the application is permitted to redirect users to. If the supplied value does not match any value in the whitelist then the server should redirect to a standard error page.

Plugin Details

Severity: Medium

ID: 98103

Type: remote

Published: 3/31/2017

Updated: 8/29/2023

Scan Template: full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: Medium

Base Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CVSS Score Source: Tenable

CVSS v4

Risk Factor: Medium

Base Score: 5.1

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: Tenable

Reference Information