Open Redirect
Definition
An open redirect vulnerability lets an attacker make an application redirect users to arbitrary external URLs through a parameter that is not properly validated. Attackers exploit open redirects to lend legitimacy to phishing attacks: the link they send points to a trusted domain, which immediately redirects to a malicious site.
Prevention requires validating redirect destinations against an allowlist of trusted URLs or domains.