vulnerable: http://localhost:8081//secret.html;@example.com Redirect to arbitrary web site (in this case, https://example.com). patched: http://localhost:8082//secret.html;@example.com ref: https://github.com/advisories/GHSA-q3mw-pvr8-9ggc