A configuration item is added in v5.2 to the Kinetic Request Service Catalog Console configuration manager page. By default, the "Web Redirection Whitelist" configuration item is not set, so external redirections are not allowed.
Configuration Item: "Web Redirection Whitelist"
There may be multiple configuration items of the "Web Redirection Whitelist", each one specifies a host (ip address or domain name) that Kinetic Request is allowed to redirect to.
Forms that build HTML links to external web sites or applications are not restricted to this list of hosts. This security enhancement restricts redirections that can occur when controlling the user's destination from URL parameters.