Java Insecure Redirect Untrusted Data
Description
Detects unvalidated redirects in Java web applications where the HttpServletResponse.sendRedirect() method receives untrusted input. This vulnerability could allow attackers to redirect users to malicious websites by manipulating the redirect URL parameter.
Detection Strategy
• Check if the application uses Java Servlet or Spring Framework libraries
• Identify calls to sendRedirect() method on HttpServletResponse objects
• Verify if the redirect URL parameter comes from untrusted sources like user input
• Check whether the URL parameter reaches sendRedirect() without being properly validated or sanitized
• Report vulnerability when an unsanitized, user-controlled value is used in the redirect URL
Vulnerable code example
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class RedirectServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // VULNERABLE: the user-supplied "url" parameter is passed to sendRedirect() without validation
        response.sendRedirect(request.getParameter("url"));
    }
}
✅ Secure code example
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
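The hardened form the detection strategy calls for, as an added example that is not the page's own secure snippet (the allowlisted hosts, the class name SafeRedirectServlet and the /home fallback are assumed placeholders): a relative target is accepted only as a single-slash same-site path, an absolute target only over https to an exactly matched allowlisted host, and anything else falls back to a fixed page before sendRedirect() is called.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class SafeRedirectServlet extends HttpServlet {
    // Assumed allowlist of hosts this application may redirect to (placeholder values)
    private static final List<String> ALLOWED_HOSTS = List.of("app.example.com", "login.example.com");
    // Fixed fallback used whenever the supplied target is rejected (assumed)
    private static final String DEFAULT_TARGET = "/home";

    /** Returns candidate only if it is a same-site path or an allowlisted https URL; otherwise the default. */
    static String safeRedirectTarget(String candidate) {
        if (candidate == null || candidate.isEmpty()) {
            return DEFAULT_TARGET;
        }
        URI uri;
        try {
            uri = new URI(candidate);
        } catch (URISyntaxException e) {
            return DEFAULT_TARGET; // unparsable input (e.g. containing "\" or spaces) is never forwarded
        }
        if (uri.getScheme() == null && uri.getRawAuthority() == null) {
            // Same-site path: must begin with a single "/". Browsers resolve "//host" and
            // "/\host" as protocol-relative URLs and collapse "///host" to the same thing,
            // so test the raw string rather than the parsed path.
            boolean localPath = candidate.startsWith("/")
                    && !candidate.startsWith("//") && !candidate.startsWith("/\\");
            return localPath ? candidate : DEFAULT_TARGET;
        }
        // Absolute URL: require https, no userinfo, and an exact host match. Comparing the
        // parsed host (not a substring of the raw string) rejects "https://app.example.com.evil.test"
        // and "https://app.example.com@evil.test".
        if ("https".equalsIgnoreCase(uri.getScheme()) && uri.getHost() != null
                && uri.getUserInfo() == null && ALLOWED_HOSTS.contains(uri.getHost().toLowerCase())) {
            return candidate;
        }
        return DEFAULT_TARGET;
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // Only the vetted value ever reaches sendRedirect()
        response.sendRedirect(safeRedirectTarget(request.getParameter("url")));
    }
}
```

With this structure a scanner following the detection strategy above sees the redirect argument flow through safeRedirectTarget() rather than straight from request.getParameter(), which is the sanitization step whose absence the rule reports.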