Open Redirect Vulnerability
The site has an open redirect — a parameter that redirects to any URL, allowing phishing campaigns that appear to come from your domain.
What is Open Redirect Vulnerability?
An open redirect is a parameter (like ?url=, ?redirect=, ?next=) that redirects the user to any URL without validation. Attackers use this to craft phishing URLs that look like they come from your trusted domain (e.g., yoursite.com/login?redirect=https://evil.com) but actually send users to malicious sites.
Why It Matters to Your Business
Open redirects enable convincing phishing campaigns. Because the URL starts with your trusted domain, email filters and users are more likely to trust it. Attackers use this to steal credentials, distribute malware, and bypass email security.
How to Fix It
Validate all redirect destinations against an allowlist:
PHP/Laravel:
// BAD
return redirect($request->input('redirect'));
// GOOD — allowlist
$allowed = ['/', '/dashboard', '/profile'];
$redirect = $request->input('redirect', '/');
if (!in_array($redirect, $allowed)) {
$redirect = '/';
}
return redirect($redirect);
// Or check that it's a relative URL
if (!str_starts_with($redirect, '/') || str_starts_with($redirect, '//')) {
$redirect = '/';
}
Express.js:
// Use express-validate-redirect middleware
app.get('/redirect', validateRedirect, (req, res) => res.redirect(req.query.url));
Never trust user input for redirect destinations.
Technical Classification
| OWASP Category | A01:2021 — Broken Access Control |
| CWE ID | CWE-601: URL Redirection to Untrusted Site |
| Detected By | open_redirect scanner(s) |
| Severity Level | medium |
How 2MNY Security Can Help
Check if your website has this vulnerability
Our open_redirect scanner checks for this issue automatically.
Scan My Website Free