Phan Nguyên Long

**Name of the Vulnerable Software and Affected Versions** Horizon Web Dashboard versions 19.4.0 through 20.1.4 **Description** The issue is related to an Open Redirect vulnerability via the `success url` parameter. This allows for potential redirection to unintended websites. **Recommendations** For Horizon Web Dashboard versions 19.4.0 through 20.1.4, consider restricting access to the `success url` parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the `success url` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.