CWE-698 - Execution After Redirect (EAR)
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2008-09-09
- Latest Modification Date:2023-10-26
Weakness Name
Execution After Redirect (EAR)
Description
The web application sends a redirect to another location, but instead of exiting, it executes additional code.
Common Consequences
Scope: Other, Confidentiality, Integrity, Availability
Impact: Alter Execution Logic, Execute Unauthorized Code or Commands
Notes: This weakness could affect the control flow of the application and allow execution of untrusted code.