Observation Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks: Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com
Impact By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Recomendation Whitelist the redirect URLs and prevent redirection outside parent domain.
i dont know what is the problem is that.and what they saying.
My understading is if login the application that redirect another un- validated page. How to fix it what is the problem is that
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)