# Open Redirection Analyzer PRO

Category Severity Time To Fix
🛡️ Security ⚠️ Critical 10 minutes

Class: Enlightn\EnlightnPro\Analyzers\Security\OpenRedirectionAnalyzer

# Introduction

This analyzer scans your application code to detect possible open redirection vulnerabilities.

If your application accepts user controlled input that specifies a link to an external site, and uses that link in a redirect, it is exposed to an open redirection vulnerability. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.

Consider the following code:

return redirect($request->input('link'));

The code above is a classic example of an open redirection vulnerability. So, if your website is example.com, an attacker can create a link such as www.example.com/redirect?link=evil.com/confirm-password that redirects to an external website. This makes phishing scams easier because the victim would think that the link actually belongs to example.com.

Other examples of vulnerable code are as follows:

use Illuminate\Routing\Redirector;
use Illuminate\Support\Facades\Redirect;

(new Redirector(url()))->away('/somewhere/'.$request->query('path'));
return Redirect::to(request()->post('path'));

# How To Fix

To fix this issue, simply remove any redirects to user provided external links.

# References