Security Test: Request URL Override¶

Description¶

Default Severity:

This vulnerability happens when an application wrongly trusts certain headers from a client to determine which URL to use, letting attackers change that URL to access stuff they're not supposed to or steer users to unsafe websites. The danger is that security controls built around correct URL handling can be bypassed, which might allow unauthorized data access or even let attackers trick users into visiting malicious sites. Developers often fall into the trap of believing data from client headers without proper checks, so it's important to validate or ignore these headers entirely when they control important decisions.

Reference:

https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers

Configuration¶

Identifier: frontend_configuration/request_url_override

Examples¶

All configuration available:

checks:
  frontend_configuration/request_url_override:
    skip: false # default

Compliance and Standards¶

Standard	Value
OWASP API Top 10	API10:2023
OWASP LLM Top 10	LLM06:2023
PCI DSS	`6.5.1`
GDPR	`Article-32`
SOC2	`CC1`
PSD2	`Article-95`
ISO 27001	`A.14.2`
NIST	`SP800-53`
FedRAMP	`AC-7`
CWE	`601`
CVSS Vector	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:H/RL:O/RC:C`
CVSS Score	`6.5`