Issue 797665

Starred by 2 users

Issue metadata

Status: WontFix
Owner: ----
Closed: Dec 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Security: Leak REFERER

Reported by jackwill...@gmail.com, Dec 26 2017

Issue description

Components: Blink>SecurityFeature>Referrer
Labels: Needs-Feedback
Can you elaborate on why you believe this demonstrates a security vulnerability?

The Google.com page does not appear to undertake any effort (e.g. by setting ReferrerPolicy) to prevent its URL from being sent as a referrer (which, given that the URL contains nothing sensitive, seems reasonable).
Status: WontFix (was: Unconfirmed)
By default, browsers send the Referer header for each navigation, except in HTTPS->HTTP navigations (to avoid leaking HTTPS-protected data over HTTP). Individual sites can specify a Referrer Policy [1] to override this default. The redirection page in this report does not do so and thus the default behavior is followed.

[1] https://www.w3.org/TR/referrer-policy/
Project Member

Comment 3 by sheriffbot@chromium.org, Apr 5 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
