Redirects to user-controlled locations should be avoided

Impact area

Security

Severity

High

Affected element

Apex Class

Rule ID

SF-0019

Impact

Redirects to user-controlled locations can be used by attackers to redirect users to phishing sites.


Remediation

Do not allow uncontrolled redirects.
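
The pattern this rule targets, next to one way to constrain it. This is an added example, not code from the rule's own documentation; the class name, the `retURL` parameter and the `DEFAULT_TARGET` fallback are assumptions.

```apex
// Added illustration: class name, 'retURL' parameter and DEFAULT_TARGET are assumptions.
public with sharing class RedirectExampleController {
    // Fixed fallback used whenever the requested target is rejected.
    private static final String DEFAULT_TARGET = '/';

    // Non-compliant: the redirect location is taken straight from the request,
    // so a crafted link can send the user to any external site.
    public PageReference goBackUnsafe() {
        String target = ApexPages.currentPage().getParameters().get('retURL');
        PageReference ref = new PageReference(target);
        ref.setRedirect(true);
        return ref;
    }

    // Accepts only site-relative paths such as '/apex/MyPage?id=...'.
    @TestVisible
    private static Boolean isLocalPath(String target) {
        if (String.isBlank(target)) {
            return false;
        }
        // Exactly one leading slash: '//host' is a scheme-relative external URL.
        if (!target.startsWith('/') || target.startsWith('//')) {
            return false;
        }
        // Backslashes can be read as slashes by browsers, and tab/CR/LF are
        // stripped by URL parsers, which could turn '/<tab>/host' into '//host'.
        if (target.contains('\\') || target.contains('\t')
                || target.contains('\r') || target.contains('\n')) {
            return false;
        }
        return true;
    }

    // Compliant: the user-supplied value is used only if it stays on this site.
    public PageReference goBackSafe() {
        String target = ApexPages.currentPage().getParameters().get('retURL');
        PageReference ref = new PageReference(isLocalPath(target) ? target : DEFAULT_TARGET);
        ref.setRedirect(true);
        return ref;
    }
}
```

Where redirects to a small set of external hosts are required, the same check can be replaced by a comparison against a fixed allowlist held in code or configuration rather than in the request.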

Time to fix

30 min

References

This rule is linked to Common Weakness Enumeration CWE-284 Improper Access Control.




Last modified on Oct 13, 2020