An open redirect is a vulnerability that exists when a script allows redirectionto an external site by directly calling a specific URL in an unfiltered,unmanaged fashion, which could be used to redirect victims to unintended,malicious web sites. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.
A similar vulnerability is reported in Google by “Ucha Gobejishvili ( longrifle0x )“. This problem may assist an attacker to conduct phishing attacks, trojan distribution, spammers.
Same vulnerability in Facebook, Discovered by ZeRtOx from Devitel group:
URL redirection Vulnerability in Google