Open redirect in semrush.com
Low
Vulnerability Details
**Summary:**
There is an open redirect on https://www.semrush.com/login/?redirect_to=.
By using /\ at the start of the link, you can bypass the open redirect filter.
**Description:**
An attacker can control the value of the "redirect_to" parameter and make it redirect to a malicious endpoint.
## Steps To Reproduce:
Visit: `www.semrush.com/login/?redirect_to=/\google.com`
Once you log in, you will be redirected to google.com.
## Impact
This vulnerability can be used for phishing attacks.
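
Why the `/\` prefix gets past a prefix check, and a validation that closes it, as an added example that is not part of the original report and not Semrush's code. `naiveIsLocal` is a hypothetical filter assumed for illustration (the report does not show the real one), and `safeRedirect` and `resolvedOrigin` are illustrative names; the fix shown is to resolve the value the way a browser does (WHATWG URL parsing treats `\` like `/`) and compare origins.

```javascript
// Origin of the login page, taken from the report.
const ORIGIN = 'https://www.semrush.com';

// Hypothetical filter (an assumption, not the site's real code):
// accept anything that looks like a local path and is not protocol-relative.
function naiveIsLocal(target) {
  return target.startsWith('/') && !target.startsWith('//');
}

// How a browser resolves the value relative to the login page.
// For http(s) URLs the WHATWG parser treats "\" as "/", so "/\host"
// is parsed like "//host", a protocol-relative URL pointing at another site.
function resolvedOrigin(target) {
  return new URL(target, ORIGIN + '/login/').origin;
}

// Hardened check: parse first, then compare origins, and redirect only to
// the normalized path so the parser's view and the redirect cannot differ.
function safeRedirect(target, fallback = '/') {
  if (typeof target !== 'string' || !target.startsWith('/')) return fallback;
  let url;
  try {
    url = new URL(target, ORIGIN);
  } catch {
    return fallback; // unparseable input never reaches the Location header
  }
  if (url.origin !== ORIGIN) return fallback;
  return url.pathname + url.search + url.hash;
}

// Constructed sample inputs: the value from the report plus benign
// and plainly external ones for comparison.
const samples = [
  '/dashboard?x=1#y',
  '/\\google.com', // the value from "Steps To Reproduce"
  '//google.com',
  'https://google.com',
];

for (const s of samples) {
  let naive = false;
  try { naive = naiveIsLocal(s); } catch { /* ignore */ }
  console.log(JSON.stringify(s), {
    naiveAccepts: naive,
    browserOrigin: resolvedOrigin(s),
    safeRedirect: safeRedirect(s),
  });
}
```
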
Report Stats
- Report ID: 716976
- State: Closed
- Substate: resolved
- Upvotes: 23