String fromURL= "https://www.mySite.com?id=7878&name=uname";
Quote:ASP .NET MVC 1 & 2 websites are particularly vulnerable to open redirection attacks. In order to avoid this vulnerability, you need to apply MVC 3.
The code for the LogOn action in an ASP.NET MVC 2 application is shown below. After a successful login, the controller returns a redirect to the returnUrl. You can see that no validation is being performed against the returnUrl parameter.
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)