Security Test: Request URL Override
Description
Default Severity:
Request URL Override vulnerabilities occur when an application lets a client manipulate the target URL by injecting headers such as `X-Original-URL` or `X-Rewrite-URL`. These headers can replace the URL the request was routed to, leading to unauthorized access to resources, bypass of security controls that were evaluated against the original path, or redirection to malicious sites. Such vulnerabilities typically arise when an application relies on client-supplied headers to determine the target URL without validating or sanitizing them. Failing to enforce strict URL validation can result in security breaches, data leaks, or phishing attacks.
Reference:
Configuration
Identifier:
configuration/request_url_override
Examples
All configuration available:
```yaml
checks:
  configuration/request_url_override:
    skip: false # default
    options:
      skip_objects: # cf. Options below
```
Options
Options can be set in the `options` key of the Security Test Configuration.
Property | Type | Default | Description |
---|---|---|---|
skip_objects | List[string] | | List of objects that are to be skipped by the security test. |
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API10:2023 |
OWASP LLM Top 10 | LLM06:2023 |
PCI DSS | 6.5.1 |
GDPR | Article-32 |
SOC2 | CC1 |
PSD2 | Article-95 |
ISO 27001 | A.14.2 |
NIST | SP800-53 |
FedRAMP | AC-7 |
CWE | 601 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:H/RL:O/RC:C |
CVSS Score | 6.5 |