An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an malicious user to redirect a user to an arbitrary URL.
okta oidc middleware