An open redirect is when a web application or server uses a user-submitted link to redirect the user to a given website or page. Letting the user decide which page they are sent to seems harmless, but it is not.
How does the exploitation work?
When the user clicks on a link to a legitimate website, they often won't be suspicious if a login prompt suddenly shows up. To launch a successful phishing attack, the attacker sends the victim a link, for example via email, which exploits the vulnerability on the vulnerable website.
By exploiting the open redirect vulnerability on the legitimate website, the attacker redirects the victim to
http://xyz.com/phish, which is a phishing page that looks similar to the legitimate website. Once the visitor is on the attacker's malicious website, they enter their credentials into a login form that points to a script controlled by the attacker. The script is typically used to save the username and the password on the attacker's side.
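The flaw described above, as an added example that is not part of the original article: a redirect handler that passes the user-supplied parameter straight through, next to one that only honours targets on an allow-list of the application's own hosts. The host name legit.example, the landing path /account and the sample inputs are constructed placeholders. The hardened version goes a little beyond the article's description in that it also closes the common parser edge cases (protocol-relative `//host`, backslashes, `scheme:/host`, userinfo tricks, non-web schemes) that turn a naive host check into a bypass.

```python
from urllib.parse import urlsplit

# Constructed placeholders: the hosts this application may legitimately
# redirect to after login (an allow-list), and where to send the user when
# the requested target is rejected.
TRUSTED_HOSTS = {"legit.example"}
DEFAULT_LANDING = "/account"


def vulnerable_redirect(next_url: str) -> str:
    """The open-redirect pattern: whatever arrives in the redirect
    parameter becomes the Location header, unchecked."""
    return next_url


def safe_redirect(next_url: str, trusted_hosts=TRUSTED_HOSTS,
                  fallback: str = DEFAULT_LANDING) -> str:
    """Return next_url only if it points at this application, else fallback."""
    if not next_url:
        return fallback

    # Browsers treat backslashes as forward slashes, so '/\evil.example' is
    # parsed here as a path but navigated as '//evil.example'. Normalise first.
    candidate = next_url.replace("\\", "/")

    # Whitespace or control characters can split the header or confuse parsing.
    if any(ord(c) <= 0x20 for c in candidate):
        return fallback

    parts = urlsplit(candidate)

    # Only plain web schemes; this rejects javascript:, data:, file:, ...
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return fallback

    # 'https:/evil.example' has a scheme but no netloc here, yet browsers
    # navigate it as 'https://evil.example'. Reject that shape outright.
    if parts.scheme and not parts.netloc:
        return fallback

    if parts.netloc:
        # Absolute or protocol-relative URL: the host must match exactly
        # (so 'legit.example.evil.example' fails) and carry no userinfo
        # (so 'legit.example@evil.example' fails).
        host = (parts.hostname or "").lower()
        if host not in trusted_hosts:
            return fallback
        if parts.username is not None or parts.password is not None:
            return fallback
        return candidate

    # Relative URL: accept only a single-slash, site-relative path.
    if not parts.path.startswith("/") or parts.path.startswith("//"):
        return fallback
    return candidate


if __name__ == "__main__":
    samples = ["/account?tab=1", "http://legit.example/inbox",
               "http://xyz.com/phish", "//xyz.com/phish", "/\\xyz.com/phish",
               "https:/xyz.com/", "javascript:alert(1)"]
    for s in samples:
        print(f"{s!r:32} vulnerable -> {vulnerable_redirect(s)!r:26} "
              f"safe -> {safe_redirect(s)!r}")
```

Where the application never needs to redirect off-site, the simplest and strongest rule is to accept only site-relative paths and drop the host allow-list entirely; the allow-list branch exists for deployments that span several of their own hosts.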
How does the prevention work?