An open redirect occurs if an application takes a parameter and redirects the user to that URL without any other validation.
What can happen?
In most cases, Open Redirect is very easy to exploit, which increases the likelihood of someone finding the vulnerability and abusing it. However, the potential impact of Open Redirect is not necessarily that dangerous. It is mostly used in phishing attacks or in a chain attacks where Open Redirect is only one of the multiple elements used.