Open Redirect On Login Page.

Hello, I was doing a bug bounty for a company and stumbled upon an open redirect on the login page ~
# Steps to reproduce:
- Go to login page: https://translate.[DOMAIN].com/accounts/login/?next=//google.com
- Replace [DOMAIN] with your instance.
- Login
- User will be redirected to the domain inside the "?next=" parameter. 

# Results (Expected/Actual):
User should be notified that they are leaving domain or shouldn't be redirected at-all. / Instead user gets redirected without any confirmation or notice.
Portswigger refrence on open redirect: https://portswigger.net/kb/issues/00500100_open-redirection-reflected

# Environment 
Version: 2.8.2 


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Open Redirect On Login Page. #6906

Steps to reproduce:

Results (Expected/Actual):

Environment

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Open Redirect On Login Page. #6906

Description

Steps to reproduce:

Results (Expected/Actual):

Environment

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions