Open redirect

Overview
An open redirect occurs when an application takes a parameter and redirects the user to the parameter's value without any validation. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it, because the link they follow begins with the trusted application's address.

Consequences
Phishing

Examples
http://www.vulnerable.com?redirect=http://www.attacker.com
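
The missing validation step, shown as an added example (not code from the original page): a check that a `redirect` parameter value is either a local path or an http(s) URL on an allow-listed host. The names `safe_redirect_target`, `ALLOWED_HOSTS` and `FALLBACK` and the sample inputs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only host this application may redirect to
# (taken from the example URL above).
ALLOWED_HOSTS = {"www.vulnerable.com"}
FALLBACK = "/"  # assumed safe landing page


def safe_redirect_target(value, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return `value` if it is an acceptable redirect target, else `fallback`."""
    if not value or value != value.strip():
        return fallback
    # Browsers treat "\" like "/" and drop tabs and newlines inside URLs,
    # so reject these characters instead of guessing how they will be read.
    if "\\" in value or any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return fallback
    try:
        parts = urlsplit(value)
        host = parts.hostname  # lowercased; excludes userinfo ("user@") and port
    except ValueError:
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a local path with one leading slash.
        if value.startswith("/") and not value.startswith("//"):
            return value
        return fallback
    # Absolute or scheme-relative URL: require http(s) and an exact host match.
    if parts.scheme in ("http", "https") and host in allowed_hosts:
        return value
    return fallback


if __name__ == "__main__":
    # Constructed sample parameter values.
    for candidate in [
        "http://www.attacker.com",
        "//www.attacker.com",
        "http://www.vulnerable.com@www.attacker.com/",
        "/account/settings",
        "https://www.vulnerable.com/home",
    ]:
        print(f"{candidate!r:50} -> {safe_redirect_target(candidate)!r}")
```

The host comparison is an exact match against the parsed hostname; a prefix or substring comparison on the raw string would accept hosts that merely contain the trusted name.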

Related problems

 * Open forward