Are open redirects a security concern?

YES, and its an OWASP top 10 violation: OWASP A10 - Unvalidated Redirect. These are valuable for phishing and spam. Recently it was uncovered that spammers where exploiting Open Redirect vulnerabilities on US .gov websites for profit.