Application Security Terminology

Glossary

Svg Vector Icons : http://www.onlinewebfonts.com/icon Return to Glossary

URL Redirector Abuse

Did You Know? There is a 11% likelihood that your website is vulnerable to URL Redirector Abuse

READ STATS REPORT

Website applications use URL redirectors to forward incoming request to an alternate resource. In URL Redirector Abuse, URL redirectors are abused to cause an attacker’s URL to appear to be endorsed by the legitimate site, tricking victims into believing that they are navigating to a site other than the true destination. Applications accept arbitrary user-defined URLs as input, which are then used as targets for redirection.

URL-redirector-abuseURL redirection is often used to allow resources to be moved within the directory structure and to avoid breaking functionality for users who request the resource at its previous location. URL redirectors may also be used to implement load balancing, leveraging abbreviated URLs or recording outgoing links. 

It is this last implementation which can be used in URL Redirector Abuse attacks such as phishing. URL redirectors can be abused by attackers trying to social engineer victims into believing that they are navigating to a site other than the true destination.