Tag
cwe-601
Safeguard articles tagged "cwe-601" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Guides
Open Redirect Vulnerabilities: Prevention Guide
An open redirect lets an attacker use your trusted domain to send victims anywhere — the ideal setup for phishing and OAuth token theft. Here's how to build redirects that can't be abused.
Jul 8, 20265 min read
Application Security
Preventing open redirect vulnerabilities in Laravel
Laravel's own ->away() helper is documented as a bypass of its URL safety checks — feed it user input and you've built an open redirect, CWE-601, into the framework's happy path.
Jul 8, 20266 min read
Vulnerability Analysis
Open redirect vulnerabilities explained
Open redirect flaws (CWE-601) score as medium severity alone, but they power real phishing campaigns against Google, Amex, and Microsoft. Here's how they work and how to stop them.
Dec 12, 20257 min read