Description
This script is possibly vulnerable to URL redirection attacks.
URL redirection is sometimes used as a part of phishing attacks that confuse visitors about which web site they are visiting.
Remediation
Your script should properly sanitize user input.
References
Unvalidated Redirects and Forwards Cheat Sheet
HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics
Related Vulnerabilities
WordPress Plugin GdeSlon Affiliate Shop Open Redirect (2.0)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.22)
TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-3669)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.30)
PleskLin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-24044)