gitlab.security_code_scan.SCS0027-1

Unvalidated redirects occur when an application redirects a user to a destination URL specified by a user supplied parameter that is not validated. Such vulnerabilities can be used to facilitate phishing attacks.

Definition

rules:
  - id: security_code_scan.SCS0027-1
    mode: taint
    pattern-sources:
      - patterns:
          - pattern: $SRC
          - pattern-inside: |
              public $RET $FUNC(...,$SRC,...){...}
    pattern-sanitizers:
      - pattern-either:
          - pattern: TryCreate(...)
          - pattern: Action(...)
          - pattern: HttpRouteUrl(...)
          - pattern: RouteUrl(...)
    pattern-sinks:
      - patterns:
          - pattern-not-inside: |
              if (IsLocalUrl(...)) {
                  ...
                  Redirect(...);
                  ...
              }
          - pattern-not-inside: |
              if ($URL.IsLocalUrl(...)) {
                  ...
                  Redirect(...);
                  ...
              }
          - pattern-either:
              - pattern: Redirect(...)
              - pattern: RedirectPermanent(...)
              - pattern: RedirectToRoute(...)
              - pattern: RedirectToRoutePermanent(...)
              - pattern: new RedirectResult(...)
    languages:
      - csharp
    message: >
      Unvalidated redirects occur when an application redirects a user to a
      destination URL specified by a user supplied parameter that is not validated.
      Such vulnerabilities can be used to facilitate phishing attacks.
    metadata:
      category: security
      cwe: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"
      license: MIT
    severity: WARNING
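The following ASP.NET Core MVC controller is an added example (it is not part of the rule page or of the GitLab Security Code Scan project) showing the two code shapes the rule above distinguishes: a public-method parameter flowing straight into one of the listed sinks, which the taint rule reports, and the same redirect wrapped in an `if (Url.IsLocalUrl(...))` guard, which the rule's `pattern-not-inside` clauses exempt. The controller, action and parameter names are assumptions for illustration.

```csharp
// Added example, not code from the rule page or the Security Code Scan project.
// Demonstrates the redirect shapes matched and exempted by SCS0027-1 (open redirect).
using Microsoft.AspNetCore.Mvc;

public class AccountController : Controller   // hypothetical controller
{
    // REPORTED by the rule: `returnUrl` is a parameter of a public method, which the
    // rule treats as a taint source, and it reaches Redirect(...), one of the sinks,
    // with no sanitizer in between. A request whose returnUrl is an absolute URL
    // sends the user to an arbitrary site after login, which is the phishing risk
    // described above.
    [HttpPost]
    public IActionResult LoginUnsafe(string returnUrl)
    {
        // ... authenticate the user here ...
        return Redirect(returnUrl);
    }

    // NOT REPORTED: the Redirect(...) sits inside `if ($URL.IsLocalUrl(...)) { ... }`,
    // the exact shape of the rule's second pattern-not-inside clause.
    // IUrlHelper.IsLocalUrl accepts application-relative paths such as "/orders" or
    // "~/orders" and returns false for absolute URLs, for protocol-relative forms
    // such as "//evil.example" or "/\evil.example", and for null or empty input,
    // so a missing returnUrl falls through to the fixed destination below.
    [HttpPost]
    public IActionResult Login(string returnUrl)
    {
        // ... authenticate the user here ...
        if (Url.IsLocalUrl(returnUrl))
        {
            return Redirect(returnUrl);
        }

        // Fallback is an application-controlled route, so no tainted value reaches a sink.
        return RedirectToAction("Index", "Home");
    }

    // ALTERNATIVE: ControllerBase.LocalRedirect(...) refuses non-local URLs at
    // runtime (it throws InvalidOperationException), and its name does not match any
    // of the rule's sink patterns, so it is not reported either.
    [HttpPost]
    public IActionResult LoginLocalRedirect(string returnUrl)
    {
        return LocalRedirect(string.IsNullOrEmpty(returnUrl) ? "/" : returnUrl);
    }
}
```

One caveat when triaging findings: the exemption is purely structural. A validation that is performed elsewhere (for example, storing the result of `Url.IsLocalUrl` in a variable and returning early, then redirecting after the `if` block) does not match either `pattern-not-inside` shape and will still be reported, even though it is safe. Either keep the redirect inside the guard as shown, or extend the rule's sanitizer or `pattern-not-inside` list to cover the project's own validation helper.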