Google API key leak and security misconfiguration lead to an Open Redirect vulnerability
Severity: Medium
Program: Clario
Reported by: br33z3
Vulnerability Details
Technical details and impact analysis
## Summary:
Hello, when I searched your targets and JavaScript files I found a Google API key leak in the URL [https://account.clario.co/js/main.044af6485f6b0cd90809.js](https://account.clario.co/js/main.044af6485f6b0cd90809.js "Url").
Part of the leak is shown below:
```
'https://firebasedynamiclinks.googleapis.com/v1/shortLinks?key=AIzaSyAw-SpLHVTIP3IFEIkckCuEmIhnUrY9OrQ';
```
[Attachment F1129971]
After that I did some research on that API key and found out how it is used. This API shortens URLs. The API looks for a key, a company and a regex rule for shortening URLs.
Ref Link 1 => [https://support.google.com/firebase/answer/9021429](https://support.google.com/firebase/answer/9021429 "Url")
Ref Link 2 => [https://firebase.google.com/docs/dynamic-links/rest](https://firebase.google.com/docs/dynamic-links/rest "Url")
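The leaked key above is the kind of finding a secrets scan over shipped JavaScript bundles should catch before deploy. The following is an added example, not Clario's code or part of the report: it scans a bundle for Google API keys (which start with `AIza` and are 39 characters long) and records which `googleapis.com` endpoint each key is wired to, so a reviewer can decide whether the key should have referrer or API restrictions applied. The sample bundle lines and the placeholder keys are constructed for the example.

```javascript
// Added example (not Clario's code): scan a JavaScript bundle for Google API
// keys and record which Google endpoint each key is sent to, so a CI job can
// flag them before the bundle is deployed.

// Google API keys (including Firebase web keys) start with "AIza" and are
// 39 characters long in total.
const GOOGLE_API_KEY_RE = /AIza[0-9A-Za-z_-]{35}/g;
// A URL on a googleapis.com host on the same line tells us which API the key
// is wired to (host and path captured separately, query string ignored).
const GOOGLEAPIS_URL_RE = /https?:\/\/([a-z0-9.-]*googleapis\.com)(\/[^\s'"?]*)?/i;

// Constructed sample: minified-looking lines in the shape of the leak from the
// report, with placeholder keys (hypothetical, not real credentials).
const KEY_A = 'AIza' + 'SyPLACEHOLDER' + '0'.repeat(22);
const KEY_B = 'AIza' + 'SyPLACEHOLDER' + '1'.repeat(22);
const SAMPLE_BUNDLE = [
  `var a="https://firebasedynamiclinks.googleapis.com/v1/shortLinks?key=${KEY_A}";`,
  'var b="https://lnk.clario.co/?link=";',
  `var c={apiKey:"${KEY_B}"};`,
].join('\n');

// Keep the first 6 and last 4 characters so a finding can be matched to the
// key in the Google Cloud console without printing the whole credential in
// CI logs.
function redact(key) {
  return key.slice(0, 6) + '...' + key.slice(-4);
}

// Returns one finding per key occurrence: line number, a redacted form of the
// key, and the googleapis.com host and path it is used with (null if the line
// carries no such URL).
function findGoogleApiKeys(source) {
  const findings = [];
  source.split('\n').forEach((line, index) => {
    for (const match of line.matchAll(GOOGLE_API_KEY_RE)) {
      const url = line.match(GOOGLEAPIS_URL_RE);
      findings.push({
        line: index + 1,
        keyRedacted: redact(match[0]),
        endpointHost: url ? url[1].toLowerCase() : null,
        endpointPath: url && url[2] ? url[2] : null,
      });
    }
  });
  return findings;
}

console.table(findGoogleApiKeys(SAMPLE_BUNDLE));
```

A key that resolves to `firebasedynamiclinks.googleapis.com` is expected to ship in a web bundle, so the scan result is a prompt to check the key's application and API restrictions in the Google Cloud console rather than a reason to rotate it on its own; a key with no recognisable endpoint on the same line needs a manual look.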
While I was testing the regex I figured out I can shorten URLs that redirect users wherever I want, because a wrong regex leads to a security misconfiguration. Also I found URLs being shortened from `https://lnk.clario.co/?link=[URLHERE]`. I found that endpoint in the same JavaScript file.
You can use any domain and any URL; the only thing you need to do is add the `/clario.co/` path to your URL.
Here is an example PoC video: [Attachment F1130020]
You can redirect victims to any website and any path with that dynamic URL.
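The "/clario.co/ anywhere in the URL" trick works against an allowlist pattern that is not anchored to the scheme and host. The following is an added example, not Clario's or Firebase's code: it evaluates the same destination-URL decision three ways, with an assumed weak substring pattern (the report does not show the real one), an assumed anchored replacement, and a check that parses the URL and compares the hostname against an allowlist, over constructed sample links that include the shapes a reviewer would want rejected.

```javascript
// Added example (not Clario's or Firebase's code): one allowlist decision
// implemented three ways, to show why an unanchored pattern accepts the
// "/clario.co/" path trick while an anchored pattern or a parsed-hostname
// check rejects it.

// Assumed weak allowlist pattern: it matches the substring anywhere, so any
// URL that contains "clario.co/" somewhere in its path or query passes.
const WEAK_PATTERN = /clario\.co\//;
// Assumed anchored replacement: https scheme, then clario.co or a subdomain
// of it as the whole host, then an optional path.
const STRICT_PATTERN = /^https:\/\/([a-z0-9-]+\.)*clario\.co(\/[^\s]*)?$/i;
// Hostname allowlist for the parsing-based check.
const ALLOWED_HOSTS = ['clario.co'];

function allowedByPattern(pattern, link) {
  return pattern.test(link);
}

// Parse the URL and compare the hostname exactly (or as a subdomain) instead
// of looking for a substring anywhere in the string.
function allowedByHost(link) {
  let url;
  try {
    url = new URL(link);
  } catch {
    return false; // unparseable input is never a valid destination
  }
  if (url.protocol !== 'https:') return false;
  // "https://clario.co@evil.example/" puts the allowed host in the userinfo
  // part; the real host is evil.example, so reject credentials outright.
  if (url.username || url.password) return false;
  const host = url.hostname.toLowerCase();
  return ALLOWED_HOSTS.some((h) => host === h || host.endsWith('.' + h));
}

// Result of all three checks for one candidate destination.
function evaluate(link) {
  return {
    link,
    weak: allowedByPattern(WEAK_PATTERN, link),
    strict: allowedByPattern(STRICT_PATTERN, link),
    hostCheck: allowedByHost(link),
  };
}

// Constructed sample links: two legitimate destinations, then the shapes the
// allowlist must reject.
const SAMPLE_LINKS = [
  'https://clario.co/account',
  'https://account.clario.co/login',
  'https://evil.example/clario.co/',   // path trick described in the report
  'https://clario.co.evil.example/',   // allowed host as a prefix of another host
  'https://clario.co@evil.example/',   // allowed host in the userinfo part
  'http://clario.co/',                 // plaintext downgrade of a real host
];

console.table(SAMPLE_LINKS.map(evaluate));
```

For Firebase Dynamic Links the allowlist is a regex configured in the console (Ref Link 1 above), so anchoring the pattern to `^https://` and the exact host is the available fix there; the `allowedByHost` function is the shape of check a self-hosted redirector such as the `lnk.clario.co` endpoint should apply before issuing a redirect.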
## Steps To Reproduce:
1. Get the API key from the JavaScript file.
2. Find the URL-shortening endpoint in the JavaScript file.
3. Use Postman or another tool to create a short URL.
4. Send the URL to victims. After that it's up to your imagination :).
## Impact
The shortened link looks legitimate because it is coming from clario.co when viewed from the victim's perspective. Because of this, victims can easily click the link and be redirected to malicious websites.
Report Details
State: Closed
Substate: Resolved
Bounty: $300.00
Weakness: Open Redirect