XSS Reflected at https://sketch.pixiv.net/ Via `next_url`
Medium
Vulnerability Details
Hi,
I found a reflected XSS at https://sketch.pixiv.net/ via the success URL.
## Follow Me :)
## Steps:
1. Open the URL below:
https://sketch.pixiv.net/resign_request/success?next_url=javascript%3Aalert%2F**%2F(document.domain)
2. A pop-up appears :)
## Impact
If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can perform any action within the application that the user can perform.
Report Stats
- Report ID: 1503601
- State: Closed
- Substate: resolved
- Upvotes: 60
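
One way to validate a parameter like `next_url` before it is used, as an added example that is not pixiv's code or part of the original report. It assumes the value ends up as a link or redirect target; `safeNextUrl`, `nextUrlFromRequest`, the `/` fallback and the sample paths are hypothetical.

```javascript
// Added example: validate a post-action redirect target such as `next_url`.
// ORIGIN and FALLBACK are assumptions made for this sketch.
const ORIGIN = "https://sketch.pixiv.net";
const FALLBACK = "/";

// Returns a same-origin path that is safe to place in href/location, or FALLBACK.
function safeNextUrl(raw, origin = ORIGIN) {
  if (typeof raw !== "string" || raw === "") return FALLBACK;
  let url;
  try {
    // Resolve relative values against our own origin, the way a browser would.
    url = new URL(raw, origin);
  } catch {
    return FALLBACK;
  }
  // Allowlist the scheme: javascript:, data: and similar never pass.
  if (url.protocol !== "https:" && url.protocol !== "http:") return FALLBACK;
  // Same origin only; this also rejects //other.example and https://other.example.
  if (url.origin !== new URL(origin).origin) return FALLBACK;
  // Return only path, query and fragment so the result cannot change scheme or host.
  return url.pathname + url.search + url.hash;
}

// Extracts next_url from a full request URL and validates it.
function nextUrlFromRequest(requestUrl) {
  const raw = new URL(requestUrl).searchParams.get("next_url");
  return safeNextUrl(raw);
}

// The first entry is the URL from the report; the others are constructed samples.
const SAMPLES = [
  "https://sketch.pixiv.net/resign_request/success?next_url=javascript%3Aalert%2F**%2F(document.domain)",
  "https://sketch.pixiv.net/resign_request/success?next_url=%2Flives%3Fpage%3D2",
  "https://sketch.pixiv.net/resign_request/success?next_url=%2F%2Fother.example%2F",
  "https://sketch.pixiv.net/resign_request/success",
];
for (const s of SAMPLES) console.log(nextUrlFromRequest(s));
```

The same check belongs wherever the value is finally written into the page, since validating the scheme at the point of use is what keeps a non-HTTP URL out of `href` or `location`.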