When I scanned an ASP.NET application using the Burp Scanner tool, I got an 'Open redirection (DOM-based)' issue in the asp.net webresource.axd file. Please let me know if anyone has experienced the same issue, or if you have any idea or workaround that can fix this issue.
Issue details are below:
Issue detail: The application may be vulnerable to DOM-based open redirection. Data is read from document.location.pathname and written to the open() function of an XMLHttpRequest object via the following statements:
var action = theForm.action || document.location.pathname, fragmentIndex = action.indexOf('#');
action = action.substr(0, fragmentIndex);
action = encodeURI(path) + action.substr(queryIndex);
xmlRequest.open("POST", action, true);
Please help!!! Thanks in advance!
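Added example, not part of the original post and not the framework's own script: one way to check the value that flows from theForm.action || document.location.pathname into xmlRequest.open(), by resolving it against the page URL and refusing any target outside the page's origin. The function names and the app.example / other.example URLs are constructed for illustration, and the code assumes the page has no base element.

```javascript
// Added example: hypothetical helper names, not code from WebResource.axd.
// Returns the absolute same-origin URL for the postback, or null when the
// value would make the request leave the page's origin.
function sameOriginAction(formAction, pageUrl) {
  const page = new URL(pageUrl);
  // Same source order as the flagged statements: the form action first,
  // then the current pathname as the fallback.
  let action = formAction || page.pathname;

  // Drop any fragment before resolving.
  const fragmentIndex = action.indexOf('#');
  if (fragmentIndex !== -1) {
    action = action.slice(0, fragmentIndex);
  }

  let target;
  try {
    // Resolve against the page URL (assumption: no <base> element).
    target = new URL(action, page.href);
  } catch (e) {
    return null; // not parseable as a URL at all
  }
  // Compare origins after resolution, so protocol-relative and absolute
  // values are judged by where the request would actually go.
  if (target.origin !== page.origin) return null;

  // Return the absolute form: a bare path could be re-resolved differently.
  return target.href;
}

// Wrapper that only calls open() once the target has passed the check.
function openPostback(xmlRequest, formAction, pageUrl) {
  const target = sameOriginAction(formAction, pageUrl);
  if (target === null) {
    throw new Error('refusing cross-origin postback target');
  }
  xmlRequest.open('POST', target, true);
  return target;
}
```

In a browser, pageUrl would be document.location.href and xmlRequest a real XMLHttpRequest; the check runs the same way in Node because it relies only on the standard URL class.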