XSS on redirection page( Bypassed)

Hello Semrush Team, In this report id ```311330```, I was filled duplicate and redirection url is fixed which made me feel happy as deserving bounty hunter gets a reward. However, after fixing from last night, I finally bypassed the redirection method which not only Triggered Xss, but also it redirects to somewhere else. ``` https://www.semrush.com/redirect?url=https://(websitelink) ``` #To reproduce So,I tried to craft a XSS like ```blocked://%0aalert(document.cookie)``` at the end of redirection Url,so it doesn't work. Afterwards,I encoded %0a to %250a, then modified the payload and injected at the end of url and it works like a charm. Here are the XSS payloads https://www.semrush.com/redirect?url=blocked://%250Aalert(document.cookie) https://www.semrush.com/redirect?url=blocked://%250Aalert(document.domain) When a particular user clicks the button,it's going to triggered an XSS. Now,Here comes the tricky part regarding Unvalidated redirection- Now if you inject ```blocked://%250Aalert(document.location="https://google.com",document.location="https://www.facebook.com")``` at the end of url like this https://www.semrush.com/redirect?url=blocked://%250Aalert(document.location="https://google.com",document.location="https://www.facebook.com") and a particular user click go to site,first page will popup google.com and then it's going to redirect to facebook.com. Please Consider it and let me know. With Regards Kunal (Attaching with Single POC ) F263582 ## Impact An attacker can perform dangerous attacks using XSS.