This vulnerability occurs when a web application relies on the Referer header for redirection without proper validation, allowing attackers to manipulate it and redirect users to malicious websites.br br Impact:br br Phishing Attacks: Tricking users into visiting fake or malicious sites.br Malware Distribution: Redirecting users to pages hosting malicious software.br Session Hijacking: Exploiting trust to steal session tokens or sensitive data.br Loss of User Trust: Damaging the application's reputation due to unsafe redirects.br Mitigation: Validate and whitelist redirect URLs to ensure they are legitimate. Avoid using the Referer header for critical decisions.