Description
This script is vulnerable to Cross Site Scripting (XSS) attacks.
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user.
The server opens arbitrary URLs and puts the content retrieved from the URL into the response without filtering.
Remediation
Your server side code should verify if the URL from the user input is allowed to be retrieved and displayed or filter the response from the URL according to the context in which it is displayed.
References
Acunetix Cross Site Scripting Attack
VIDEO: How Cross-Site Scripting (XSS) Works