Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks:
Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Whitelist the redirect URLs and prevent redirection outside parent domain.
i dont know what is the problem is that.and what they saying.
My understading is
if login the application that redirect another un- validated page.
How to fix it what is the problem is that
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)