URL redirection to untrusted site High

An HTTP parameter could contain a URL value and cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker could successfully launch a phishing attack and steal user credentials.

Detector ID
Common Weakness Enumeration (CWE) external icon