CWE-698—Execution After Redirect (EAR)
PUBLISHEDweakness record
released 2008-09-09 · last modified 2025-12-11
Metadata
- CWE ID:
- CWE-698
- 摘要:
- Base
- 结构:
- Simple
- 状态:
- Incomplete
- 发布日期:
- 2008-09-09
- 更新日期:
- 2025-12-11
名称
Execution After Redirect (EAR)
描述
The web application sends a redirect to another location, but instead of exiting, it executes additional code.
常见后果
- 范围:
- Other, Confidentiality, Integrity, Availability
- 影响:
- Alter Execution Logic, Execute Unauthorized Code or Commands
- 注释:
- This weakness could affect the control flow of the application and allow execution of untrusted code.