An open redirect is where your application redirects the user to a URL supplied from an untrusted source, without checking the validity of that URL.