Ex Libris Patron Directory Services version 2.1 suffers from an open redirection vulnerability.