EpiServer Find <13.2.7 - Open Redirect CVE-2020-24550

Severity
CVSSv3 Score: 6.1

Vulnerability description

EpiServer Find before 13.2.7 contains an open redirect vulnerability via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.

Recommendation

Upgrade to EpiServer Find version 13.2.7 or later to fix the open redirect vulnerability.

Codename: Not available
Detectable with: Network Scanner
Scan engine: Nuclei
Exploitable with Sniper: No
CVE Published: Mar 31, 2021
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available