Summary

Acunetix 360 identified an unexpected redirect response body (too large).

This generally indicates that after redirect the page did not finish the response as it was supposed to.

Impact

This can lead to serious issues such as authentication bypass in authentication required pages. In other pages it generally indicates a programming error.

Remediation

  1. Finish the HTTP response after you redirect the user.
  2. In ASP.NET, use Response.Redirect("redirected-page.aspx", true) instead of Response.Redirect("redirected-page.aspx", false).
  3. In PHP applications, call exit() after you redirect the user.

Severity

Information

Classification

CWE-698 ISO27001-A.14.2.5 WASC-40