Arbitrary Page Redirect

Detect statements that might expose your app to Arbitrary Page Redirect vulnerability.

Lorenzo Frattini avatar
Written by Lorenzo Frattini
Updated over a week ago


Arbitrary Page Redirects are possible when a web application could redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may launch a phishing scam and steal user credentials.


  • Visualforce page

  • Visualforce components

  • Apex controllers

Did this answer your question?