cakephp/authentication

cakephp/authentication getLoginRedirect() backslash bypass vulnerability

The `getLoginRedirect()` method had a weakness to backslash bypasses allowing redirect targets with attacker controlled hostnames.