Reflected file download

Description

Reflected file download is a new web attack vector that enables attackers to initiate a fake download from a trusted domain. The file to be downloaded doesn't exist on the target domain, it is dynamically generated by exploiting this vulnerability. Consult web references for more information about this vulnerability.

Remediation

To fix this issue the web application must return a Content-Disposition header with a filename attribute. Setting the filename attribute fixes the name of the downloaded file and the browser doesn't have to guess it. For example:

Content-Disposition: attachment; filename=1.txt

References
Severity
Classification
Tags
  • Abuse Of Functionality