Next.JS security flaw on URL path