Reddit discussion about an open redirect exploit on Adobe's site

TL;DR - you can put a phishing URL at the end of a legit Adobe domain and with the right flags it will redirect the user to the phishing URL.