ajinabraham · ajinabraham · Oct 23, 2024 · Oct 18, 2024 · Oct 22, 2024
diff --git a/njsscan/rules/semantic_grep/redirect/open_redirect.yaml b/njsscan/rules/semantic_grep/redirect/open_redirect.yaml
@@ -23,6 +23,7 @@ rules:
     message: >-
       Untrusted user input in redirect() can result in Open Redirect
       vulnerability.
+      An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance. Whether this issue poses a vulnerability will be subject to the intended behavior of the application. For example, a search engine might intentionally provide redirects to arbitrary URLs.
     languages:
       - javascript
     severity: ERROR
@@ -73,9 +74,10 @@ rules:
     message: >-
       Untrusted user input in response header('Location') can result in Open
       Redirect vulnerability.
+      An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance. Whether this issue poses a vulnerability will be subject to the intended behavior of the application. For example, a search engine might intentionally provide redirects to arbitrary URLs.
     languages:
       - javascript
     severity: ERROR
     metadata:
       owasp-web: a1
-      cwe: cwe-601
+      cwe: cwe-601