Section: 4.3.8
Top Level:
Sub Level:
General:
If a redirect is used in the application, ensure the specified destination is authorized for the application and for the invoking user. Also, note that unchecked redirects that are not bound to a relative path for the application are used by phishers to redirect victims to malicious sites.
Java:
Check all response.sendRedirect( url ); calls to ensure that the url is controlled.
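The following is an added example of what "the url is controlled" can look like in practice; it is not code from the guide this checklist item belongs to. It assumes a servlet application (javax.servlet API), a request parameter named `next` that carries the requested destination, and an allowlist of external hosts whose values here are constructed placeholders. Every call to response.sendRedirect passes through one helper that only allows rooted paths within the application or an explicitly allowlisted https host, and falls back to the application root otherwise.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public final class SafeRedirect {

    // Assumed allowlist of external hosts this application may send users to (constructed values).
    private static final Set<String> ALLOWED_HOSTS = Set.of("www.example.com");

    // Where the user lands when the requested destination is not acceptable.
    private static final String FALLBACK = "/";

    private SafeRedirect() {}

    /**
     * Returns the requested destination if it is a rooted path within this application
     * or an https URL on an allowlisted host; otherwise returns FALLBACK.
     */
    static String resolveTarget(String requested) {
        if (requested == null || requested.isEmpty()) {
            return FALLBACK;
        }
        URI uri;
        try {
            uri = new URI(requested);
        } catch (URISyntaxException e) {
            // Unparseable input (including backslashes or control characters) is never forwarded.
            return FALLBACK;
        }

        if (uri.getScheme() == null && uri.getAuthority() == null) {
            // Relative reference: require a rooted path so the redirect stays inside this application.
            // A protocol-relative value such as "//other.host/x" has an authority and does not reach here.
            String path = uri.getPath();
            if (path != null && path.startsWith("/")) {
                return uri.toString();
            }
            return FALLBACK;
        }

        // Absolute reference: only https to an allowlisted host is acceptable.
        // getHost() ignores any userinfo, so "https://www.example.com@other.host/" resolves to other.host.
        String scheme = uri.getScheme();
        String host = uri.getHost();
        if ("https".equalsIgnoreCase(scheme)
                && host != null
                && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
            return uri.toString();
        }
        return FALLBACK;
    }

    /** The single place in the application that issues a redirect driven by user input. */
    static void redirectToNext(HttpServletRequest request, HttpServletResponse response) throws IOException {
        String target = resolveTarget(request.getParameter("next"));
        response.sendRedirect(target);
    }

    public static void main(String[] args) {
        // Constructed inputs showing which destinations are forwarded and which fall back to "/".
        String[] samples = {
            "/account/settings?tab=security",
            "https://www.example.com/docs",
            "//other.host/login",
            "https://www.example.com@other.host/",
            "javascript:void(0)",
            "relative/no-leading-slash"
        };
        for (String s : samples) {
            System.out.println(s + " -> " + resolveTarget(s));
        }
    }
}
```

During review, the useful check is that no sendRedirect call takes its argument from request data without going through resolveTarget (or an equivalent), and that the allowlist compares the parsed host rather than doing a prefix or substring match on the raw string.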