TikTok disclosed on HackerOne: Reflected XSS on Pangle Endpoint

A cross-site scripting (XSS) vulnerability was found at the Pangle endpoint via the 'redirect' parameter. This was caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload could have been returned by the above endpoint an…
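
The missing output encoding described above, as an added example that is not from the report or from TikTok's code: it assumes the `redirect` value is echoed into a link's `href` and text (the page does not say which HTML context was affected), and all function names are hypothetical. The scheme allowlist goes beyond the stated cause, since HTML escaping alone does not neutralize a `javascript:` URL placed in an `href`.

```javascript
// Added example; the page does not show the endpoint's code. All names are hypothetical.

// Encode the five characters that are significant in HTML text and quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  }[ch]));
}

// Vulnerable form: the 'redirect' value is concatenated into markup unencoded.
function renderUnsafe(redirect) {
  return `<p>Redirecting to <a href="${redirect}">${redirect}</a></p>`;
}

// Accept only absolute http(s) URLs; returns the normalized URL or null.
function safeRedirectTarget(redirect) {
  try {
    const url = new URL(redirect);
    return url.protocol === "https:" || url.protocol === "http:" ? url.href : null;
  } catch {
    return null; // not a parseable absolute URL
  }
}

// Hardened form: validate the scheme first, then encode for the HTML context.
function renderSafe(redirect) {
  const target = safeRedirectTarget(redirect);
  if (target === null) {
    return "<p>Invalid redirect target.</p>";
  }
  const encoded = escapeHtml(target);
  return `<p>Redirecting to <a href="${encoded}">${encoded}</a></p>`;
}

// Constructed sample inputs (not taken from the report).
const samples = [
  "https://example.com/landing?a=1&b=2",
  'https://example.com/"><script>alert(1)</script>',
  "javascript:alert(1)",
];

for (const s of samples) {
  console.log(renderSafe(s));
}
```
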