An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
References
Link | Resource |
---|---|
https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/ | Exploit Third Party Advisory |
https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 05:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/ - Exploit, Third Party Advisory |
Information
Published : 2021-03-31 22:15
Updated : 2024-11-21 05:14
NVD link : CVE-2020-24550
Mitre link : CVE-2020-24550
CVE.ORG link : CVE-2020-24550
JSON object : View
Products Affected
episerver
- find
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')