PT-2024-40291 · Unknown · Scnsocialauth

Published: 2024-05-29 · Updated: 2024-05-29

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: ScnSocialAuth versions prior to 1.15.2
Description: The URL parameter redirect is written into the login page without HTML escaping, which allows an XSS attack. For example, setting the redirect parameter to "><a%20href="http://github.com">GitHub.com</a><input%20type="hidden"%20" results in an attacker-controlled link being added to the login page.
Recommendations: If you are using any version of ScnSocialAuth below 1.15.2, please upgrade immediately by running composer update.
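To make the defect concrete, here is an added example (not ScnSocialAuth's own code) that renders a hidden form field carrying the redirect value, first with the unescaped pattern the advisory describes and then with attribute escaping applied; the assumption that the value lands in a hidden input's value attribute is inferred from the shape of the quoted payload, and in a laminas-view template the equivalent of the fix is the escapeHtmlAttr view helper.

```php
<?php
// Added example, not code from ScnSocialAuth. Assumed context: the login page
// carries the "redirect" query parameter through a hidden input so it survives
// the round trip to the identity provider.

function render_hidden_unsafe(string $redirect): string
{
    // Value interpolated verbatim: a double quote in $redirect closes the
    // attribute and everything after it is parsed as markup. This is the
    // class of bug the advisory describes.
    return '<input type="hidden" name="redirect" value="' . $redirect . '">';
}

function render_hidden_safe(string $redirect): string
{
    // ENT_QUOTES escapes both " and ' so the value cannot terminate the
    // attribute; ENT_SUBSTITUTE avoids an empty result on invalid UTF-8.
    $escaped = htmlspecialchars($redirect, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="redirect" value="' . $escaped . '">';
}

// Counts opening tags, a cheap invariant for a regression test: a fragment
// built from one untrusted value must still contain exactly one element.
function tag_count(string $html): int
{
    return preg_match_all('/<[a-zA-Z]/', $html);
}

// Constructed input: the advisory's example redirect value, URL-decoded.
$payload = '"><a href="http://github.com">GitHub.com</a><input type="hidden" "';

echo "unsafe: ", render_hidden_unsafe($payload), PHP_EOL;
echo "safe:   ", render_hidden_safe($payload), PHP_EOL;

assert(tag_count(render_hidden_unsafe($payload)) === 3); // <input>, <a>, <input>
assert(tag_count(render_hidden_safe($payload)) === 1);   // only the real <input>
```

The unsafe output closes the hidden input early and injects a live anchor, while the escaped output keeps the whole payload inert inside the attribute value.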

Fix

XSS

Weakness Enumeration

Related Identifiers: GHSA-G6F5-4W43-2X63

Affected Products: Scnsocialauth