What is a URL Injection?

A URL injection is a type of cyberattack in which a hacker creates new pages on existing websites without the site owner's knowledge. The fake pages contain code that typically redirects visitors to other websites, but some injections can also facilitate attacks on other targets. Hackers perform URL injections through software vulnerabilities, such as an unprotected directory or outdated plug-ins.