[Security:medium] Redirection URL validation bypass using credentials in URL
An attacker can forge a redirection to a malicious site by placing fake credentials (the userinfo part, `user:password@`) in the URL: the redirection target is checked against the allowed application as a string prefix, while the browser treats everything before the `@` as credentials and navigates to the host that follows it.
Example:
- Portal: https://auth.openid.club
- Allowed application: https://test1.openid.club
- Malicious site: https://google.fr
- Malicious URL: https://test1.openid.club:test@google.fr
- Malicious URL, base64-encoded: aHR0cHM6Ly90ZXN0MS5vcGVuaWQuY2x1Yjp0ZXN0QGdvb2dsZS5mcgo=
- Malicious redirection trigger: https://auth.openid.club/?url=aHR0cHM6Ly90ZXN0MS5vcGVuaWQuY2x1Yjp0ZXN0QGdvb2dsZS5mcgo=
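The weak check beside a corrected one, as an added example that is not the portal's own code: the naive version matches the allowed application as a string prefix and accepts the URL above, while the hardened version parses the URL, rejects any userinfo, and compares only the parsed host. It assumes the portal base64-decodes the `url` parameter (the page shows that encoding) and that the allowed-host list is a plain set of hostnames.

```python
import base64
from urllib.parse import urlparse

# Allowed application hosts (taken from the example above).
ALLOWED_HOSTS = {"test1.openid.club"}

def naive_is_allowed(url: str) -> bool:
    """Vulnerable check: prefix match on the raw string.
    'https://test1.openid.club:test@google.fr' starts with the
    allowed application, so it is accepted even though the browser
    will go to google.fr (everything before '@' is userinfo)."""
    return any(url.startswith("https://" + host) for host in ALLOWED_HOSTS)

def strict_is_allowed(url: str) -> bool:
    """Hardened check: parse, reject userinfo, compare the host only."""
    parts = urlparse(url)
    if parts.scheme != "https":
        return False
    # Credentials in a redirect target are never legitimate here.
    if parts.username is not None or parts.password is not None:
        return False
    # urlparse lowercases the hostname and strips any port, so an
    # exact set membership test is the comparison we want; this also
    # rejects look-alikes such as test1.openid.club.google.fr.
    return parts.hostname in ALLOWED_HOSTS

def validate_url_param(encoded: str) -> tuple[bool, str]:
    """Decode the base64 'url' parameter (assumed portal behaviour)
    and validate it. Trailing whitespace, such as the newline encoded
    in the example value, is stripped before parsing."""
    try:
        decoded = base64.b64decode(encoded).decode("utf-8").strip()
    except (ValueError, UnicodeDecodeError):
        return False, ""
    return strict_is_allowed(decoded), decoded

if __name__ == "__main__":
    trigger = "aHR0cHM6Ly90ZXN0MS5vcGVuaWQuY2x1Yjp0ZXN0QGdvb2dsZS5mcgo="
    ok, url = validate_url_param(trigger)
    print(f"{url!r}: naive={naive_is_allowed(url)} strict={ok}")
```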