IT 计算机信息网络安全技术

IT 技术
计算机安全
网络网站安全
白帽子漏洞

© IT 计算机信息网络安全技术 | Powered by LOFTER

Web Technology:

白帽子计算机安全:

Covert Redirect - Wikipedia


Covert Redirect is a class of security bugs disclosed in May 2014.[1] It is an application that takes a parameter and redirects a user to the parameter value without sufficient validation.[2]


Covert Redirect is also related to single sign-on. It is well known by its influence on OAuth and OpenID. Covert Redirect was found and dubbed by a mathematics PhD student Wang Jing from School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore.[3]


After Covert Redirect was published, it is kept in some common databases such as SCIPOSVDBBugtraq, etc. Its scipID is 13185,[4] while OSVDB reference number is 106567.[5] Bugtraq ID: 67196.[6]



    https://en.wikipedia.org/wiki/Covert_Redirect 
评论
热度 ( 19 )