-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Coverity - Open Redirect #1219
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
382292 Open redirect
An attacker can mount a phishing attack by modifying the URL value to point to a malicious Web site.
In io.getlime.security.powerauth.app.webflow.controller.HomeController.continueToRedirect(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse): User-controlled input is used to specify an address that is used as a URL redirect or forward. An attacker can create a link to the trusted site that redirects to a malicious Web site. This could enable the attacker to steal user credentials. (CWE-601)
https://scan4.scan.coverity.com/reports.htm#v57086/p16071/fileInstanceId=125567704&defectInstanceId=14538873&mergedDefectId=382292&eventId=14538873-4
The text was updated successfully, but these errors were encountered: