diff --git a/terragrunt/modules/release-distribution/lambdas/doc-router/index.js b/terragrunt/modules/release-distribution/lambdas/doc-router/index.js
index 70c07ee7b..d89393b6d 100644
--- a/terragrunt/modules/release-distribution/lambdas/doc-router/index.js
+++ b/terragrunt/modules/release-distribution/lambdas/doc-router/index.js
@@ -111,7 +111,12 @@ exports.handler = (event, context, callback) => {
 // Docs used to be under /doc, so redirect those for now
 if (request.uri.startsWith('/doc/')) {
- return redirect(request.uri.slice(4), callback);
+ // Collapse repeated slashes to prevent open redirect vulnerabilities.
+ // E.g. this prevents paths like `/doc//example.com` from redirecting
+ // to `https://example.com`.
+ const redirectTarget = request.uri.slice(4).replace(/\/+/g, '/');
+
+ return redirect(redirectTarget, callback);
 }
 // The `/stable`, `/beta`, and `/nightly` urls are all workable as-is
diff --git a/terragrunt/modules/release-distribution/lambdas/doc-router/test.mjs b/terragrunt/modules/release-distribution/lambdas/doc-router/test.mjs
index 140255570..01e7a9c1c 100644
--- a/terragrunt/modules/release-distribution/lambdas/doc-router/test.mjs
+++ b/terragrunt/modules/release-distribution/lambdas/doc-router/test.mjs
@@ -53,6 +53,8 @@ test("example expected redirects", async (t) => {
 // /doc
 { from: "/doc/std", to: "/std" },
 { from: "/doc/hello", to: "/hello" },
+ // Test that repeated slashes are collapsed to prevent open redirect vulnerabilities
+ { from: "/doc//example.com/something", to: "/example.com/something" },
 ];
 for (const redir of redirects) {
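Review bot: In index.js the new `redirectTarget` normalisation collapses forward slashes only, so a backslash right after the leading slash would still reach `redirect` unchanged, and some browsers treat a backslash in a `Location` path as a slash. Widening the character class would cover that case, e.g. `const redirectTarget = request.uri.slice(4).replace(/[\\/]+/g, '/');`, assuming no legitimate doc path contains a backslash. The guard also exists only in this `/doc/` branch. `redirect` and the rest of the handler are outside the hunk, so it is not visible whether other callers pass request-derived paths. If they do, doing the normalisation inside `redirect` would protect every caller at once.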
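Review bot: The added case in test.mjs exercises exactly one doubled slash at the start of the target, so neither the `+` quantifier nor the `g` flag in the handler's regex is pinned by a test. Adding one case with three or more leading slashes and one with a repeated slash deeper in the path would catch a later regression, for example `{ from: "/doc///example.com", to: "/example.com" },` and `{ from: "/doc/std//index.html", to: "/std/index.html" },` (constructed examples). The test body continues outside the hunk, so how `to` is compared against the response is assumed from the existing entries.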