CWE-698β€”Execution After Redirect (EAR)

PUBLISHEDweakness record
released 2008-09-09 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-698
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2008-09-09
Latest Modification Date:
2025-12-11

Weakness Name

Execution After Redirect (EAR)

Description

The web application sends a redirect to another location, but instead of exiting, it executes additional code.

Common Consequences

Scope:
Other, Confidentiality, Integrity, Availability
Impact:
Alter Execution Logic, Execute Unauthorized Code or Commands
Notes:
This weakness could affect the control flow of the application and allow execution of untrusted code.

Related Weaknesses