Sauyon Lee

Researcher from GHSL team
#43479 of 53,635
6.1 Total CVSS
Vulnerabilities · 1
PT-2020-13094
6.1
2020-04-30
Sourcegraph · Sourcegraph · CVE-2020-12283
**Name of the Vulnerable Software and Affected Versions**

Sourcegraph versions prior to 3.15.1

**Description**

The issue is a weakness in the authentication workflow caused by improper validation in the `SafeRedirectURL` method, located in `cmd/frontend/auth/redirect.go`. The method fails to properly validate redirect URLs, so a crafted redirect target can pass its checks. For example, the substring `//foo//example.com` can be used to bypass the validation.

**Recommendations**

For versions prior to 3.15.1, update to version 3.15.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `SafeRedirectURL` method in `cmd/frontend/auth/redirect.go` to minimize the risk of exploitation.
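To show why a `//foo//example.com` target defeats a parse-and-keep-the-path check, here is an added illustration (not Sourcegraph's code): `naiveSafeRedirect` is a hypothetical weak validator of the kind described above, and `hardenedSafeRedirect` is the check a reviewer would want instead. Go's `url.Parse` reads `//foo//example.com` as host `foo` with path `//example.com`; keeping only the path then yields a protocol-relative URL that a browser resolves to an external host.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// naiveSafeRedirect is a hypothetical weak validator: parse, require a leading
// "/", then rebuild the URL from path and query only. It is not the project's code.
func naiveSafeRedirect(raw string) string {
	u, err := url.Parse(raw)
	if err != nil || !strings.HasPrefix(u.Path, "/") {
		return "/"
	}
	// For "//foo//example.com" u.Path is "//example.com": protocol-relative,
	// so the rebuilt URL still sends the browser off-site.
	return (&url.URL{Path: u.Path, RawQuery: u.RawQuery}).String()
}

// hardenedSafeRedirect rejects anything a browser could treat as leaving the
// origin: an explicit scheme, host or userinfo, and protocol-relative forms
// such as "//host" or "/\host" (browsers normalise backslashes to slashes).
func hardenedSafeRedirect(raw string) string {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "" || u.Host != "" || u.User != nil {
		return "/"
	}
	p := u.Path
	if !strings.HasPrefix(p, "/") || strings.HasPrefix(p, "//") || strings.HasPrefix(p, "/\\") {
		return "/"
	}
	return (&url.URL{Path: p, RawQuery: u.RawQuery}).String()
}

func main() {
	// Constructed sample redirect targets, including the bypass string from the advisory.
	for _, in := range []string{"/search?q=x", "//foo//example.com", "https://example.com/", "/\\example.com"} {
		fmt.Printf("%-24q naive=%-18q hardened=%q\n", in, naiveSafeRedirect(in), hardenedSafeRedirect(in))
	}
}
```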