A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.

Consequences

1. The user may be redirected to an untrusted page that contains malware which may then compromise the user's machine. This will expose the user to extensive risk and the user's interaction with the web server may also be compromised if the malware conducts keylogging or other attacks that steal credentials, personally identifiable information, or other important data.
2. The user may be subjected to phishing attacks by being redirected to an untrusted page. The phishing attack may point to an attacker controlled web page that appears to be a trusted web site. The phishers may then steal the user's credentials and then use these credentials to access the legitimate web site.

• Sanitize input by creating a list of trusted URLs
• Force all redirects to first go through a page notifying users that they are going off of your site, and have them click a link to confirm.

• URL Redirection to Untrusted Site ('Open Redirect')
• Unvalidated Redirects and Forwards Cheat Sheet
• CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N