Javascript Kony Url Injection
Description
Detects potential URL injection vulnerabilities in JavaScript code using the Kony framework where unvalidated input could be used to manipulate URLs. This could allow attackers to redirect users to malicious sites or manipulate application navigation in unintended ways.
Detection Strategy
• Check for calls to known URL handling functions in the Kony framework
• Check whether the first argument passed to these functions originates from an untrusted source (such as user input)
• Confirm there is no proper URL validation or sanitization of the input before it reaches the URL handling function
• Report a vulnerability when untrusted/unsanitized data flows into Kony URL handling functions
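The four steps above, as an added example that is not Fluid Attacks' own scanner: a small line-based taint check over JavaScript source that marks identifiers assigned from untrusted sources, follows them through simple reassignments such as `new URL(userInput)`, and reports a `kony.application.openURL` call whose argument mentions a tainted identifier when no hostname allowlist check has been seen. The source, sink and sanitizer patterns, and the two embedded sample functions, are assumptions constructed for this demonstration; the check is deliberately heuristic (identifier-level, regex-matched) rather than a full data-flow analysis.

```javascript
// Added example, not Fluid Attacks' scanner: heuristic taint check for Kony URL sinks.
const SINK = /kony\.application\.openURL\s*\(([^()]*)\)/; // step 1: sink, first argument captured
const TAINT_SOURCES = [
  /document\.getElementById\([^)]*\)\.value/, // form field value
  /\blocation\.(href|search|hash)\b/,        // parts of the current page URL
  /\bprompt\s*\(/,                            // prompt() dialog
];
// Step 3: a parsed hostname compared against an allowlist counts as validation
const SANITIZER = /\.(includes|has)\(\s*\w+\.hostname\s*\)/;
const DECLARATION = /^\s*(?:let|const|var)\s+(\w+)\s*=\s*(.+?);?\s*$/;

// Returns the first identifier from `identifiers` that appears as a whole word in `expr`
function mentions(identifiers, expr) {
  return [...identifiers].find((id) => new RegExp(`\\b${id}\\b`).test(expr));
}

function findKonyUrlInjection(source) {
  const tainted = new Set(); // step 2: identifiers holding untrusted data
  const findings = [];
  let validated = false;     // step 3: an allowlist check on a hostname was seen

  source.split('\n').forEach((raw, index) => {
    const line = raw.replace(/\s\/\/.*$/, ''); // drop trailing // comments (keeps 'https://')
    if (SANITIZER.test(line)) validated = true;

    const decl = line.match(DECLARATION);
    if (decl) {
      const [, name, expr] = decl;
      // Taint comes from a source or from any already-tainted identifier
      if (TAINT_SOURCES.some((re) => re.test(expr)) || mentions(tainted, expr)) tainted.add(name);
      return;
    }

    const sink = line.match(SINK);
    if (!sink) return;
    const variable = mentions(tainted, sink[1]);
    if (variable && !validated) { // step 4: untrusted, unvalidated data reaches the sink
      findings.push({
        line: index + 1,
        sink: 'kony.application.openURL',
        variable,
        message: `untrusted value '${variable}' reaches openURL without hostname validation`,
      });
    }
  });
  return findings;
}

// Constructed samples mirroring the vulnerable and secure snippets on this page
const VULNERABLE_SAMPLE = `
function openUserProvidedUrl() {
  let userInput = document.getElementById('urlInput').value;
  kony.application.openURL(userInput);
}`;

const SECURE_SAMPLE = `
function openUserProvidedUrl() {
  let userInput = document.getElementById('urlInput').value;
  const allowedDomains = ['trusted.com', 'api.trusted.com'];
  try {
    const parsed = new URL(userInput);
    if (['http:', 'https:'].includes(parsed.protocol) && allowedDomains.includes(parsed.hostname)) {
      kony.application.openURL(parsed.href);
    }
  } catch (e) {}
}`;

console.log(findKonyUrlInjection(VULNERABLE_SAMPLE)); // one finding on line 4 for 'userInput'
console.log(findKonyUrlInjection(SECURE_SAMPLE));     // []
```

Because `validated` is tracked per line order, a check that appears after the sink does not suppress the finding, which matches how the insecure pattern usually looks in practice; a real analyzer would instead follow control flow and confirm the check dominates the call.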
Vulnerable code example

```javascript
function openUserProvidedUrl() {
  // Get URL directly from user input without validation
  let userInput = document.getElementById('urlInput').value;
  // VULNERABLE: Opening URL from unchecked user input allows redirect to malicious sites
  kony.application.openURL(userInput);
}
```

✅ Secure code example

```javascript
function openUserProvidedUrl() {
  // Get URL from user input
  let userInput = document.getElementById('urlInput').value;
  // Define allowed domains whitelist
  const allowedDomains = ['trusted.com', 'api.trusted.com', 'safe-domain.com'];
  try {
    const parsed = new URL(userInput); // throws on malformed input (body below completes the truncated snippet)
    // SECURE: only open http(s) URLs whose exact hostname is on the whitelist
    if (['http:', 'https:'].includes(parsed.protocol) && allowedDomains.includes(parsed.hostname)) {
      kony.application.openURL(parsed.href);
    }
  } catch (e) { /* malformed URL: do not open anything */ }
}
```
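The allowlist check from the secure example, written out as an added example (not code from Fluid Attacks or the Kony framework) that also covers the inputs an exact-hostname comparison has to get right: non-web schemes such as `javascript:` and `data:`, protocol-relative strings, lookalike hosts where the trusted name is only a prefix or appears in the path, and URLs carrying embedded credentials. The `ALLOWED_HOSTS` set is constructed for this demonstration, and `kony` is assumed to exist only at runtime inside a Kony application; the check itself relies only on the WHATWG `URL` API.

```javascript
// Added example: allowlist validation of a user-supplied URL before kony.application.openURL.
const ALLOWED_HOSTS = new Set(['trusted.com', 'api.trusted.com', 'safe-domain.com']); // constructed allowlist

function isAllowedUrl(input, allowedHosts = ALLOWED_HOSTS) {
  let parsed;
  try {
    // No base URL: relative and protocol-relative strings ("//evil.com") fail to parse
    parsed = new URL(String(input));
  } catch (e) {
    return false;
  }
  // Only web schemes: rejects javascript:, data:, file: and custom app schemes
  if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') return false;
  // Exact hostname comparison (the parser already lower-cases the host), so
  // "trusted.com.evil.com" and "evil.com/trusted.com" do not match
  if (!allowedHosts.has(parsed.hostname)) return false;
  // Reject embedded credentials: "https://trusted.com@evil.com" already fails the host
  // check (its hostname is evil.com), but userinfo in a URL meant for a browser is a red flag
  if (parsed.username !== '' || parsed.password !== '') return false;
  return true;
}

// Returns the normalised URL that was opened, or null when the input was rejected
function openUserProvidedUrlSafely(userInput) {
  if (!isAllowedUrl(userInput)) {
    return null; // show a generic error to the user; do not echo the rejected value
  }
  const target = new URL(userInput).href;
  if (typeof kony !== 'undefined') kony.application.openURL(target); // assumed Kony runtime API
  return target;
}

console.log(openUserProvidedUrlSafely('https://trusted.com'));      // https://trusted.com/
console.log(openUserProvidedUrlSafely('https://trusted.com.evil.com')); // null
```

The important design choice is comparing `parsed.hostname` for equality with allowlisted names rather than testing whether the raw string contains or starts with a trusted domain; substring and prefix checks are exactly what the lookalike inputs above defeat.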