We can learn the following from this report:
- Most of the time, redirect parameters display the target URIs in the HTML content of the middleware pages, which is ignored by whitelisting mechanisms
- Even without adjacent input parameters, we should always look for vulnerabilities in the GET requests