Open Redirect
googlesignin is vulnerable to open redirect. The vulnerability is due to improper validation of crafted URLs that bypass the "same origin" check, which allows an attacker to redirect users to a malicious origin and potentially chain it with arbitrary data injection into session cookies...