Open redirect on the login page. #229

showell-nic opened this Issue Oct 7, 2012 · 0 comments


None yet

1 participant


The location redirect on the login page doesn't check whether the redirect is local and will send the user to any URL.
An example of the redirect is

To see more information about this vulnerability see the OWASP Top 10:

@showell-nic showell-nic closed this Oct 7, 2012
@showell-nic showell-nic reopened this Oct 7, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment