By kannthu
The "Next.js <1.2.3 - Open Redirect" module detects an open redirect in the /_next/image image-optimization endpoint of Next.js, a JavaScript framework for building server-side rendered React applications. The endpoint takes the image to fetch from its url query parameter; when that parameter is not restricted to the site's own origin, an attacker can craft a link on the target's domain that makes the server answer with a redirect to a host the attacker controls. Note that the advisory referenced at the bottom of this page was published by the netlify-ipx project, the image-optimization handler that Netlify's Next.js integration uses, not by Next.js itself, so check which component actually serves /_next/image on the target before acting on a finding.
The module is rated medium severity: an open redirect does not by itself give the attacker access to the application, but it lends the target's trusted domain to phishing and malware-delivery links.
Author: DhiyaneshDk
An open redirect vulnerability in Next.js can be exploited by attackers to trick users into visiting malicious websites. Possible consequences include:
- Phishing attacks: the deceptive link starts with the legitimate domain, so users are more likely to trust it and disclose credentials or perform unintended actions on the site it lands on.
- Malware distribution: the redirect can deliver users to a site that serves malware, such as ransomware, to compromise their devices.
- Identity theft: attackers can chain the redirect to a clone of the legitimate site and harvest login credentials or personal information.
The "Next.js <1.2.3 - Open Redirect" module works by sending one crafted HTTP request to the target application and analyzing the response. It checks for the vulnerability by verifying that the response carries a Location header containing the attacker-supplied host and a redirect status code.
Here is an example of an HTTP request sent by the module:
GET /_next/image?url=/\\/\\interact.sh/&q=100&w=128&h=128
The module then applies the following matching conditions:
- Header condition: the response headers must contain location:/\\/\\/interact.sh, i.e. a Location header whose value is the attacker-chosen host wrapped in the slash/backslash sequence taken from the request.
- Status code condition: the response status code must be 308 (Permanent Redirect).
If both conditions are met, the module reports the Next.js application as vulnerable to open redirect. The backslashes are what make the payload work: browsers that follow the WHATWG URL standard treat a backslash as a slash in http(s) URLs and ignore extra slashes before the host, so a Location value of /\/\interact.sh is resolved as the scheme-relative URL //interact.sh and the user ends up on interact.sh, not on a path of the target. Note that interact.sh is a literal string in the module's request; to confirm a finding by hand, replace it with a host you control and check that the Location value points at that host.
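The following is an added example, not code from the Vidoc module or from the template author: an offline Python re-implementation of the module's two matching conditions run over a constructed 308 response, a browser-style resolution of the Location value that shows why the response is an open redirect, and a same-origin check of the kind a fix applies to the url parameter. The hostnames victim.example and interact.sh and the sample response are constructed; treating header names case-insensitively and dropping the space after the colon is an assumption about how the module normalizes the header part.

```python
"""Offline check for the /_next/image open redirect described above.

Added example; not part of the Vidoc module or the nuclei template.
Hostnames and the sample response are constructed for illustration.
"""
from urllib.parse import urljoin, urlsplit

# Probe path exactly as the module sends it (backslashes are not percent-encoded).
PROBE_PATH = r"/_next/image?url=/\\/\\interact.sh/&q=100&w=128&h=128"

# Header condition: this string must appear in the normalised header part.
LOCATION_NEEDLE = r"location:/\\/\\/interact.sh"
# Status code condition.
EXPECTED_STATUS = 308

# Constructed sample response from a vulnerable image handler (not a real capture).
SAMPLE_RESPONSE = b"\r\n".join([
    b"HTTP/1.1 308 Permanent Redirect",
    rb"Location: /\\/\\/interact.sh",
    b"Content-Length: 0",
    b"",
    b"",
])


def parse_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status_code, [(name, value), ...])."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return status, headers


def module_matches(status: int, headers) -> bool:
    """Apply both module conditions (AND): status 308 and the needle in the headers.

    Assumption: header names are lower-cased and the space after ':' dropped
    before matching, so 'Location: /x' is compared as 'location:/x'.
    """
    header_part = "\n".join(f"{name.lower()}:{value}" for name, value in headers)
    return status == EXPECTED_STATUS and LOCATION_NEEDLE in header_part


def browser_resolve(base_url: str, location: str) -> str:
    """Resolve a Location value the way a WHATWG-conformant browser does for http(s).

    Backslashes count as slashes, and any run of slashes before the authority is
    collapsed, so '/\\/\\interact.sh' is read as the scheme-relative '//interact.sh'.
    """
    loc = location.replace("\\", "/")
    if loc.startswith("//"):
        return f"{urlsplit(base_url).scheme}://{loc.lstrip('/')}"
    return urljoin(base_url, loc)


def is_local_path(url_param: str) -> bool:
    """Same-origin check of the kind a fix applies to the url parameter.

    Accept only an absolute path that still stays on this origin after the
    backslash normalisation a browser would perform.
    """
    normalised = url_param.replace("\\", "/")
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:
        return False
    return normalised.startswith("/") and not normalised.startswith("//")


if __name__ == "__main__":
    status, headers = parse_response(SAMPLE_RESPONSE)
    print("module match:", module_matches(status, headers))
    location = {name.lower(): value for name, value in headers}["location"]
    print("browser lands on:", browser_resolve("https://victim.example" + PROBE_PATH, location))
    print("url param accepted by fixed handler:", is_local_path(r"/\\/\\interact.sh/"))
```

Run as a script it reports a match for the constructed response, shows that a browser would land on https://interact.sh, and shows that the same-origin check rejects the payload while still accepting an ordinary path such as /images/a.png.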
Reference: https://github.com/netlify/netlify-ipx/security/advisories/GHSA