Redirect Without Exit
Weakness ID: 698 (Weakness Base)Status: Incomplete
+ Description

Description Summary

The web application sends a redirect to another location, but instead of exiting, it executes additional code.
+ Time of Introduction
  • Implementation
+ Detection Methods

Black Box

This issue might not be detected if testing is performed using a web browser, because the browser might obey the redirect and move the user to a different page before the application has produced outputs that indicate something is amiss.

+ Weakness Ordinalities
OrdinalityDescription
Primary
(where the weakness exists independent of other weaknesses)
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory361Time and State
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class670Always-Incorrect Control Flow Implementation
Research Concepts1000
ChildOfWeakness ClassWeakness Class705Incorrect Control Flow Scoping
Research Concepts (primary)1000
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-09-09MITREInternal CWE Team
Back to top