Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect')
An issue on Coder's login page allows attackers to craft a Coder URL that when clicked by a logged in user could redirect them to a website the attacker controls, e.g. https://google.com.