An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter “url” in login page was not filtered and can redirect user to any website.

By admin