github.com/ory/fosite suffers from insecure redirect validation. The vulnerability exists as it is possible to override the registered redirect URL, with custom URL query parameters, through an OAuth flow that requests for a redirect URL to the loopback adapter.