Base · Incomplete

CWE-698: Execution After Redirect (EAR)

Category: other

Description

The web application sends a redirect to another location, but instead of exiting, it executes additional code.

Common consequences · 1

  • Other / Confidentiality / Integrity / Availability — Alter Execution Logic, Execute Unauthorized Code or Commands
    This weakness could affect the control flow of the application and allow execution of untrusted code.

References

  1. https://cwe.mitre.org/data/definitions/698.html

(incoming) · 5

Type           Target          Confidence  Tier
Vulnerability  CVE-2025-6967   0%          live
Vulnerability  CVE-2025-8350   0%          live
Vulnerability  CVE-2026-2699   0%          live
Vulnerability  CVE-2026-3262   0%          live
Vulnerability  CVE-2026-3264   0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: URL Redirection to Untrusted Site ('Open Redirect')
  • CWE: Server-Side Request Forgery (SSRF)
  • CWE: Use of HTTP Request With Sensitive Query String
  • CWE: Improper Neutralization of Encoded URI Schemes in a Web Page
  • CWE: Servlet Runtime Error Message Containing Sensitive Information
  • CWE: J2EE Misconfiguration: Missing Custom Error Page
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.