logo

CWE-698 - Execution After Redirect (EAR)

CWE-698

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Execution After Redirect (EAR)

Description

The web application sends a redirect to another location, but instead of exiting, it executes additional code.

Common Consequences

Scope: Other, Confidentiality, Integrity, Availability

Impact: Alter Execution Logic, Execute Unauthorized Code or Commands

Notes: This weakness could affect the control flow of the application and allow execution of untrusted code.

Related Weaknesses
  • Release Date:
  • 2008-09-09
  • Latest Modification Date:
  • 2023-10-26

Free security scan for your website