Khoj Open Redirect Vulnerability in Login Page
An attacker can use the next parameter on the login page to redirect a victim to a malicious page, while masking this using a legit-looking app.khoj.dev url. For example, https://app.khoj.dev/login?next=//example.com will redirect to the https://example.com page.