URL Redirection to Untrusted Site ('Open Redirect')
Description: This call to href() contains a URL redirection to untrusted site flaw. Writing untrusted input into a URL value could cause the web application to redirect the request to the specified URL, leading to phishing attempts to steal user credentials.
Remediation: Always validate untrusted input to ensure that it conforms to the expected format, using centralized data validation routines when possible.
URL Redirection to Untrusted Site ('Open Redirect')
Description: This call to href() contains a URL redirection to untrusted site flaw. Writing untrusted input into a URL value could cause the web application to redirect the request to the specified URL, leading to phishing attempts to steal user credentials.
Remediation: Always validate untrusted input to ensure that it conforms to the expected format, using centralized data validation routines when possible.