Cross Domain Referrer Leakage


The application is vulnerable to cross domain referrer leakage. The Referer header is an HTTP request header field originally defined in RFC 1945, the specification that introduced HTTP/1.0 (the misspelling of "referrer" dates from that document and is now fixed in the protocol). The browser uses it to tell a server the URL of the page that linked to, or embedded, the resource being requested. The application leaks data across domains because the URL placed in the Referer header contains sensitive information and the request carrying it goes to a domain the application does not control.


Sensitive information is being transmitted to a third-party domain in the Referer header. Such information may include password reset tokens, session IDs, or personally identifiable information. If the external domain is not fully trusted, the information may be used to attack the user or the application. The exposure is not limited to the receiving application: request headers are routinely recorded in web server logs, proxy logs, and threat detection systems, among other places, so any sensitive value carried in a URL is likely to end up stored in many locations that neither the user nor the application owner controls.
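To see exactly what reaches the third party, it helps to work through the browser's rules. The following is an added example, not code from the original page or from any application it describes: it implements the "determine request's referrer" algorithm from the W3C Referrer Policy specification and runs a constructed password-reset URL against every policy value, flagging the ones that still deliver a flagged query parameter to another origin. The sample URLs are constructed, and SENSITIVE_PARAMS is an assumed, tester-chosen list of parameter names; adjust both to the application under test.

```javascript
// Added example (not from the original page): what a browser puts in the Referer
// header for a cross-domain request under each Referrer-Policy value, following the
// "Determine request's referrer" algorithm of the W3C Referrer Policy specification.
// Assumptions: the sample URLs below are constructed, and SENSITIVE_PARAMS is a
// tester-chosen list of query parameter names worth flagging.

const SENSITIVE_PARAMS = ["token", "reset_token", "session", "sessionid", "sid", "email"];

// Referer never carries credentials or the fragment, so strip them first.
function stripForReferrer(url) {
  const u = new URL(url);
  u.username = "";
  u.password = "";
  u.hash = "";
  return u.href;
}

// Origin-only form of the referrer, serialised with a trailing slash as browsers send it.
function originOf(url) {
  return new URL(url).origin + "/";
}

// "Potentially trustworthy" in the spec's sense, reduced to the cases that matter here.
function isPotentiallyTrustworthy(url) {
  const u = new URL(url);
  return u.protocol === "https:" || u.hostname === "localhost" || u.hostname === "127.0.0.1";
}

function isSameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Returns the Referer value a conforming browser would send, or null for no header.
function determineReferrer(referringPage, requestUrl, policy) {
  let full = stripForReferrer(referringPage);
  const origin = originOf(referringPage);
  // The spec caps the full referrer at 4096 characters; longer URLs fall back to the origin.
  if (full.length > 4096) full = origin;
  const downgrade = isPotentiallyTrustworthy(referringPage) && !isPotentiallyTrustworthy(requestUrl);
  const sameOrigin = isSameOrigin(referringPage, requestUrl);

  switch (policy) {
    case "no-referrer":
      return null;
    case "unsafe-url":
      return full;
    case "origin":
      return origin;
    case "same-origin":
      return sameOrigin ? full : null;
    case "origin-when-cross-origin":
      return sameOrigin ? full : origin;
    case "no-referrer-when-downgrade":
      return downgrade ? null : full;
    case "strict-origin":
      return downgrade ? null : origin;
    case "": // no policy set: current browsers fall back to strict-origin-when-cross-origin
    case "strict-origin-when-cross-origin":
      if (downgrade) return null;
      return sameOrigin ? full : origin;
    default:
      throw new Error(`unknown referrer policy: ${policy}`);
  }
}

// True when the Referer sent to a different origin still carries a flagged parameter.
function leaksSensitiveData(referringPage, requestUrl, policy) {
  const referer = determineReferrer(referringPage, requestUrl, policy);
  if (referer === null || isSameOrigin(referringPage, requestUrl)) return false;
  const params = new URL(referer).searchParams;
  return SENSITIVE_PARAMS.some((name) => params.has(name));
}

// Evaluate every policy for one page/request pair and report which ones leak.
function auditPolicies(referringPage, requestUrl) {
  const policies = [
    "unsafe-url", "no-referrer-when-downgrade", "strict-origin-when-cross-origin",
    "origin-when-cross-origin", "origin", "strict-origin", "same-origin", "no-referrer",
  ];
  return policies.map((policy) => ({
    policy,
    referer: determineReferrer(referringPage, requestUrl, policy),
    leaks: leaksSensitiveData(referringPage, requestUrl, policy),
  }));
}

// Constructed sample: a password-reset page whose URL carries the token and e-mail
// address, loading a tracking pixel from a third-party host.
const RESET_PAGE = "https://app.example.com/reset?token=abc123&email=alice%40example.com";
const THIRD_PARTY = "https://cdn.analytics.example.net/pixel.gif";

for (const row of auditPolicies(RESET_PAGE, THIRD_PARTY)) {
  console.log(`${row.policy.padEnd(32)} ${row.leaks ? "LEAKS" : "safe "} ${row.referer}`);
}
```

Run it with Node (the `URL` class is built in). Only `unsafe-url` and `no-referrer-when-downgrade` deliver the full URL, and therefore the token, to the analytics host; the latter matters because it was the default in browsers before `strict-origin-when-cross-origin` became the default, so an application that sets no `Referrer-Policy` at all still leaks in older clients. Setting `Referrer-Policy: strict-origin-when-cross-origin` (or `no-referrer`) on the response, or `rel="noreferrer"` on individual links, closes the browser side of the leak; the more durable fix is to keep tokens and identifiers out of URLs altogether, since logs and proxies record the URL regardless of what the browser later puts in Referer.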

Risk Rating


How To Test

Sample Report Screenshots

Time Saving Tips

Testing Gotchas




