CWE-698 - Execution After Redirect (EAR)

CWE-698

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Execution After Redirect (EAR)

Description: The web application sends a redirect to another location, but instead of exiting, it executes additional code.

Common Consequences: Scope: Other, Confidentiality, Integrity, Availability
Impact: Alter Execution Logic, Execute Unauthorized Code or Commands
Notes: This weakness could affect the control flow of the application and allow execution of untrusted code.

Related Weaknesses

CWE-705Incorrect Control Flow Scoping

CWE-670Always-Incorrect Control Flow Implementation

Release Date:
2008-09-09

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard