Index: openacs-4/packages/acs-subsite/lib/user-new.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/lib/user-new.tcl,v
diff -u -N -r1.23 -r1.23.2.1
--- openacs-4/packages/acs-subsite/lib/user-new.tcl	30 Jun 2018 21:08:42 -0000	1.23
+++ openacs-4/packages/acs-subsite/lib/user-new.tcl	28 Nov 2019 11:06:31 -0000	1.23.2.1
@@ -182,9 +182,16 @@
 } -after_submit {
 
     if { $next_url ne "" } {
-        # Add user_id and account_message to the URL
-
-        ad_returnredirect [export_vars -base $next_url {user_id password {account_message $creation_info(account_message)}}]
+        #
+        # Add user_id and account_message to the URL, but do not pass
+        # password via query parameter. We have to make sure that
+        # $next_url tries to get the password from the client property
+        # as well.
+        #
+        security::set_client_property_password $password
+        ad_returnredirect [export_vars -base $next_url {
+            user_id {account_message $creation_info(account_message)}
+        }]
         ad_script_abort
     }