CWE-698βExecution After Redirect (EAR)
PUBLISHEDweakness record
released 2008-09-09 Β· last modified 2025-12-11
Metadata
- CWE ID:
- CWE-698
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2008-09-09
- Latest Modification Date:
- 2025-12-11
Weakness Name
Execution After Redirect (EAR)
Description
The web application sends a redirect to another location, but instead of exiting, it executes additional code.
Common Consequences
- Scope:
- Other, Confidentiality, Integrity, Availability
- Impact:
- Alter Execution Logic, Execute Unauthorized Code or Commands
- Notes:
- This weakness could affect the control flow of the application and allow execution of untrusted code.