Covert Redirect – Wikipedia
Covert Redirect is a class of security bugs disclosed in May 2014. It describes an application that takes a parameter and redirects the user to the parameter value without sufficient validation.
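An added example (not from the original page) of what "without sufficient validation" can look like: a substring check on the redirect parameter beside a stricter check that parses the URL and matches scheme and host exactly. The host names, the allowlist and all function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist for a hypothetical application: exact (scheme, host) pairs.
ALLOWED_TARGETS = {("https", "app.example.com")}
DEFAULT_TARGET = "https://app.example.com/"


def weak_is_allowed(target: str) -> bool:
    """Insufficient validation: substring match on the raw parameter value."""
    return "app.example.com" in target


def strict_is_allowed(target: str) -> bool:
    """Parse the URL, then compare scheme and host exactly against the allowlist."""
    # Reject backslashes and control characters, which URL parsers and
    # browsers do not always interpret the same way.
    if "\\" in target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    try:
        parts = urlsplit(target)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.username is not None or parts.password is not None:
        return False  # userinfo ("user@host") hides the real host from a reader
    if port not in (None, 443):
        return False
    return (parts.scheme.lower(), (parts.hostname or "").lower()) in ALLOWED_TARGETS


def choose_redirect(target: str) -> str:
    """Return the requested target only if it passes the strict check."""
    return target if strict_is_allowed(target) else DEFAULT_TARGET


# Constructed sample parameter values (not taken from any real report).
SAMPLES = [
    "https://app.example.com/home",
    "https://other.example.net/?next=app.example.com",
    "https://app.example.com.other.example.net/",
    "https://app.example.com@other.example.net/",
    "//other.example.net/app.example.com",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r}: weak={weak_is_allowed(s)} strict={strict_is_allowed(s)}")
```

Every constructed sample passes the substring check, while only the first passes the strict check; the rest fall back to the default target.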
Covert Redirect is also related to single sign-on. It is best known for its effect on OAuth and OpenID. Covert Redirect was found and named by Wang Jing, a mathematics PhD student at the School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore.
After Covert Redirect was published, it was recorded in several common vulnerability databases, such as SCIP, OSVDB and Bugtraq. Its scipID is 13185, its OSVDB reference number is 106567, and its Bugtraq ID is 67196.