Content Spoofing and Local Redirect in Mapbox Studio
Unknown
Vulnerability Details
**Hi**
I found a bug: it is possible to send a message directly through the URL and to redirect locally.
**Details**
When you go to https://www.mapbox.com/studio/admin/ the website redirects to
~~~
https://www.mapbox.com/studio/forbidden/?message=Sorry,only admins allowed here.&redirect=/studio/&path=/studio/admin/
~~~
You can see that the parameters **message** and **redirect** are not protected against manipulation and interference.
**Content Spoofing and Redirect**
**URL POC**
~~~
https://www.mapbox.com/studio/forbidden/?message=Hi%20You%20Are%20%20Not%20%20in%20Mapbox%20Please%20Go%20%20To%20http://evil.com&redirect=/evil.com/&path=%2Fstudio%2Fadmin%2F
~~~
The message is **changed**, and if you click **Okay** you are redirected to **evil.com**.
**Regards**
**Hussain**
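The report above shows a "forbidden" page that displays whatever `?message=` contains and sends the Okay button to whatever `?redirect=` contains. The following is an added example, not Mapbox's code, of the vulnerable handling beside a hardened version: the message is selected by key from a fixed table, and the redirect target is accepted only if it is a same-origin path. The names `SITE_ORIGIN`, `MESSAGES`, `isSafeRedirect`, `resolveMessage` and `handleForbidden` are hypothetical; the page's real implementation is not known from the report.

```javascript
// Added example (not Mapbox's code): vulnerable vs. hardened handling of the
// ?message= and ?redirect= query parameters of a "forbidden" page.
// SITE_ORIGIN, MESSAGES and all function names are assumptions for this demo.

const SITE_ORIGIN = 'https://www.mapbox.com';

// Hardened messages: the query string may only pick a key from this table,
// so it can never supply its own text (no content spoofing).
const MESSAGES = {
  admins_only: 'Sorry, only admins allowed here.',
  login_required: 'Please sign in to continue.',
};
const DEFAULT_MESSAGE = 'You do not have access to this page.';
const DEFAULT_REDIRECT = '/studio/';

// Vulnerable: whatever ?message= says is shown verbatim.
function vulnerableMessage(params) {
  return params.get('message') || DEFAULT_MESSAGE;
}

// Hardened: look the value up as a key; unknown keys fall back to a default.
function resolveMessage(params) {
  const key = params.get('message');
  return Object.prototype.hasOwnProperty.call(MESSAGES, key)
    ? MESSAGES[key]
    : DEFAULT_MESSAGE;
}

// Vulnerable: the Okay button goes wherever ?redirect= points.
function vulnerableRedirect(params) {
  return params.get('redirect') || DEFAULT_REDIRECT;
}

// Hardened: accept only a same-origin path. The explicit prefix checks
// reject protocol-relative targets (//evil.com) and the backslash form
// (/\evil.com), which WHATWG URL parsing treats as //evil.com; resolving
// against SITE_ORIGIN and comparing origins catches absolute URLs and
// anything else that escapes the site (javascript:, https://evil.com/, ...).
function isSafeRedirect(target) {
  if (typeof target !== 'string' || !target.startsWith('/')) return false;
  if (target.startsWith('//') || target.startsWith('/\\')) return false;
  let resolved;
  try {
    resolved = new URL(target, SITE_ORIGIN);
  } catch (e) {
    return false;
  }
  return resolved.origin === SITE_ORIGIN;
}

function safeRedirect(params) {
  const target = params.get('redirect');
  return isSafeRedirect(target) ? target : DEFAULT_REDIRECT;
}

// Evaluate one forbidden-page URL both ways so the difference is visible.
function handleForbidden(urlString) {
  const params = new URL(urlString).searchParams;
  return {
    vulnerable: {
      message: vulnerableMessage(params),
      redirect: vulnerableRedirect(params),
    },
    hardened: {
      message: resolveMessage(params),
      redirect: safeRedirect(params),
    },
  };
}

// Constructed sample input: a spoofed message and an off-site redirect.
const SAMPLE_URL =
  'https://www.mapbox.com/studio/forbidden/' +
  '?message=Please%20go%20to%20http://evil.com&redirect=//evil.com&path=/studio/admin/';

console.log(JSON.stringify(handleForbidden(SAMPLE_URL), null, 2));
```

The hardened branch still allows any path under the site's own origin, so a `redirect` of `/evil.com/` is accepted as a relative path on the same host; only targets that leave `SITE_ORIGIN` are replaced by the default.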
Report Stats
- Report ID: 114529
- State: Closed
- Substate: resolved
- Upvotes: 3