Sunday, December 18, 2005

URL Redirection in ORKUT

About Orkut:-
orkut.com is an online community website designed for friends. The main goal of our service is to make your social life... orkut's social network can help you both maintain existing relationships and establish new ones by reaching out to people you've never met before. Who you interact with is entirely up to you

Original Url:-

https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fwww.orkut.com%2F

Malformed URL:-
https://www.orkut.com/GLogin.aspx?done=http://any_url.com

After successful validation, the URL redirection occurs. To make matters worse, because the validation has already occurred, the victim's browser has been authenticated and will remain authenticated unless he logs out of Orkut. Although it is remotely exploitable, it can only be exploited by carrying out a phishing attack at any_url.com with a fake login screen, etc.

Credits:-$um$id
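
One way a login handler could validate the `done` parameter before redirecting, shown as an added example (not Orkut's code and not part of the original post). The allowlist, the fallback URL and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: only the site's own host is a legitimate post-login target.
ALLOWED_HOSTS = {"www.orkut.com"}
# Assumption: where to send the user when `done` is missing or rejected.
DEFAULT_TARGET = "https://www.orkut.com/"


def safe_redirect_target(done):
    """Return `done` if it is an absolute http(s) URL on an allowed host,
    otherwise return DEFAULT_TARGET."""
    if not done:
        return DEFAULT_TARGET
    # Browsers treat "\" like "/" and silently drop tabs and newlines,
    # so reject such input instead of guessing how it will be parsed.
    if "\\" in done or any(ord(c) < 0x20 or ord(c) == 0x7F for c in done):
        return DEFAULT_TARGET
    try:
        parts = urlsplit(done)
    except ValueError:
        return DEFAULT_TARGET
    # Rejects scheme-relative ("//host") and non-web schemes alike.
    if parts.scheme not in ("http", "https"):
        return DEFAULT_TARGET
    # .hostname excludes userinfo and port, so the comparison is made
    # against the host the browser would actually connect to.
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        return DEFAULT_TARGET
    return done


def target_for_login_url(login_url):
    """Pull `done` out of a login URL's query string and validate it."""
    query = parse_qs(urlsplit(login_url).query)
    return safe_redirect_target(query.get("done", [""])[0])
```

With this check in place, the original URL above still returns the user to http://www.orkut.com/, while the malformed one falls back to the default page instead of any_url.com.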
