After SAML Response POST AEM sends user to secured URL with extra question mark

AEM redirects the user to the original secured URL with an extra "?" after the IDP SAML Response POST back to AEM.  This is breaking SAML auth.  The extra "?" is set in the saml_request_path cookie.

The scenario goes like this:

1. The user goes to a secured url on the AEM instance that includes a querystring, for example /secured.html?test=1.
2. AEM sends the user to the IDP (Authn POST or redirect).
3. IDP does the SAMLResponse POST to AEM.
4. AEM redirects the user to the url from step 1 but with an extra question mark added to the querystring, for example /secured.html??test=1.

AEM 6.2

This is a known AEM product bug GRANITE-14613.

Either install the latest AEM 6.2 Cumulative Fix Pack or contact AEM Customer Care for hotfix 13707.