Burp reports Unvalidated Redirect in NetIQ Access Manager after upgrading to NAM 4.3 AC and IDP URLs (CVE-2017-14802)

https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet talks about how Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. NAM Admin Console and IDP servers have a URL that could be used to trigger such redirects.

Apply 4.3.3. The fix consists on sanitation/validation of input into the iManager NPS pages.