Phishing issue following login/logout

Hi Adrian,

There is a issue with phishing following login/logout if a malicious url is put in the next variable, which will redirect to another site after login/out.
Is it fixed in 2.3 version ?
if not, do you plan to handle that in some next version ?


First entry in the 2.3.4 changelog… Changelog — Indico 2.3.4 documentation

FWIW, the users who fall for an open redirector will probably also fall for a fake domain and other phishing techniques ;x