Detect unvalidated redirect vulnerabilities (CWE-601)
URL Redirection to Untrusted Site (Open Redirect)
Broken Access Control
Testing bypass techniques and encoding