diff --git a/src/Orchard.Web/Modules/Orchard.Users/Views/Account/ChallengeEmailSent.cshtml b/src/Orchard.Web/Modules/Orchard.Users/Views/Account/ChallengeEmailSent.cshtml
index 985230349..5a95ae308 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Views/Account/ChallengeEmailSent.cshtml
+++ b/src/Orchard.Web/Modules/Orchard.Users/Views/Account/ChallengeEmailSent.cshtml
@@ -1,4 +1,6 @@
 @model dynamic
 <h1>@Html.TitleForPage(T("Challenge Email Sent").ToString()) </h1>
 <p>@T("An email has been sent to you. Please click on the link it contains in order to have access on this site.") </p>
-<p>@Html.Link(T("Go back to where you were"), Url.Content(Request.QueryString["ReturnUrl"]))</p>
+@if (Url.IsLocalUrl(Request.QueryString["ReturnUrl"])) {
+    <p>@Html.Link(T("Go back to where you were"), Url.Content(Request.QueryString["ReturnUrl"]))</p>
+}
\ No newline at end of file
diff --git a/src/Orchard.Web/Modules/Orchard.Users/Views/Account/RegistrationPending.cshtml b/src/Orchard.Web/Modules/Orchard.Users/Views/Account/RegistrationPending.cshtml
index 4866af55c..4ec1558ee 100644
--- a/src/Orchard.Web/Modules/Orchard.Users/Views/Account/RegistrationPending.cshtml
+++ b/src/Orchard.Web/Modules/Orchard.Users/Views/Account/RegistrationPending.cshtml
@@ -1,4 +1,6 @@
 @model dynamic
 <h1>@Html.TitleForPage(T("User Registration Pending").ToString()) </h1>
 <p>@T("Your user account has been created but has to be approved before it can be used.")</p>
-<p>@Html.Link(T("Go back to where you were"), Url.Content(Request.QueryString["ReturnUrl"]))</p>
+@if (Url.IsLocalUrl(Request.QueryString["ReturnUrl"])) {
+    <p>@Html.Link(T("Go back to where you were"), Url.Content(Request.QueryString["ReturnUrl"]))</p>    
+}
\ No newline at end of file