Route follows redirections from external APIs


Description

An API endpoint follows redirections from external APIs. When an application automatically follows HTTP redirects returned by a third-party API, it may be tricked into sending requests to unintended or malicious destinations. An attacker who controls or compromises the external API could redirect your application to internal services, exposing sensitive data or enabling server-side request forgery (SSRF).

Rationale

This finding identifies an API route whose outbound HTTP client automatically follows redirections (3xx responses) returned by external APIs, instead of handling those responses explicitly.

Remediation

  • Disable automatic redirect following for HTTP clients calling external APIs
  • If redirections must be followed, validate the target URL against an allowlist before following
  • Log and monitor unexpected redirections for anomaly detection
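The three remediation points above, applied together in one client wrapper. This is an added example and not code from the page or from any vendor; it uses only the Python standard library. The allowlist hosts (api.partner.example, cdn.partner.example), the internal hostname in the fake responses and the demo_send fake are constructed for the example. Automatic following is disabled at the urllib level, each Location header is resolved and checked against the allowlist before the next hop, and every accepted or refused redirect is logged.

```python
import logging
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlsplit

log = logging.getLogger("outbound-http")

# Hypothetical allowlist: the only hosts a third-party API may redirect us to.
ALLOWED_REDIRECT_HOSTS = frozenset({"api.partner.example", "cdn.partner.example"})
MAX_REDIRECTS = 3
REDIRECT_STATUSES = frozenset({301, 302, 303, 307, 308})


class RedirectRefused(Exception):
    """Raised when a 3xx would lead somewhere the allowlist does not permit."""


class NoRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Remediation 1: stop the stdlib client following 3xx on its own."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # urllib then raises HTTPError for the 3xx instead of following it


def build_opener():
    return urllib.request.build_opener(NoRedirectHandler())


def urllib_send(url, opener=None, timeout=10):
    """Real sender: returns (status, headers, body) and surfaces 3xx as data, not as a hop."""
    opener = opener or build_opener()
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, resp.headers, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.headers, err.read()


def is_allowed_redirect(url, allowed_hosts=ALLOWED_REDIRECT_HOSTS):
    """Remediation 2: only https, no userinfo tricks, host must be on the allowlist."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    if parts.username is not None or parts.password is not None:
        return False  # rejects "https://api.partner.example@other.example/" forms
    host = parts.hostname  # already lower-cased by urlsplit
    return host is not None and host in allowed_hosts


def fetch_with_checked_redirects(url, send, max_redirects=MAX_REDIRECTS):
    """Follow 3xx responses by hand, one checked hop at a time.

    send(url) -> (status, headers, body); inject urllib_send for real traffic.
    Returns (status, body) of the final non-redirect response.
    """
    for _hop in range(max_redirects + 1):
        status, headers, body = send(url)
        if status not in REDIRECT_STATUSES:
            return status, body
        location = headers.get("Location")
        if location is None:
            raise RedirectRefused(f"{status} from {url} without a Location header")
        target = urljoin(url, location)  # Location may be relative (RFC 7231)
        if not is_allowed_redirect(target):
            # Remediation 3: unexpected destinations are logged for anomaly detection.
            log.warning("refused redirect %s -> %s (status %d)", url, target, status)
            raise RedirectRefused(f"redirect to non-allowlisted target {target}")
        log.info("following redirect %s -> %s (status %d)", url, target, status)
        url = target
    log.warning("redirect limit %d exceeded at %s", max_redirects, url)
    raise RedirectRefused("too many redirects")


def demo_send(url):
    """Constructed fake third-party API responses (no network) for demonstration."""
    responses = {
        "https://api.partner.example/v1/report": (302, {"Location": "/v1/report/42"}, b""),
        "https://api.partner.example/v1/report/42": (200, {}, b'{"ok": true}'),
        "https://api.partner.example/v1/leak": (302, {"Location": "http://internal.example/admin"}, b""),
        "https://api.partner.example/v1/loop": (302, {"Location": "/v1/loop"}, b""),
    }
    return responses[url]


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    print(fetch_with_checked_redirects("https://api.partner.example/v1/report", demo_send))
    for path in ("leak", "loop"):
        try:
            fetch_with_checked_redirects(f"https://api.partner.example/v1/{path}", demo_send)
        except RedirectRefused as err:
            print("refused:", err)
```

For production use, pass urllib_send (or an equivalent wrapper around your HTTP client) as the send argument; the demo_send fake exists only so the allowlist, hop limit and logging paths can be exercised offline.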

References

Reference: OWASP API10:2023 - Unsafe Consumption of APIs
Description: OWASP API Security guidance on safely consuming third-party APIs.