CVE-2020-24550
published 2021-03-31


Priority: P3 (38) · medium
CVSS 3.1 base score: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
EXPLOIT
EPSS: 4.74% (90.7th percentile)
An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.

Affected

1 range
Vendor      Product   Version range   Fixed in
episerver   find      < 13.2.7        13.2.7

Detection & IOCs (extracted from sources)

URL: /find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh
Path: /find_v2/_click
  • Look for HTTP GET requests to /find_v2/_click whose _t_redirect parameter carries an absolute or scheme-relative URL pointing to a host outside the site. Percent-decode the value before comparing hosts, since the payload may arrive encoded; a same-site relative path is the expected benign value.
  • Confirm exploitation by matching HTTP 301 responses (or other 3xx redirects; the source quotes 301) to /find_v2/_click requests whose Location header points to an external domain.
  • The vulnerability is only present in EpiServer Find versions before 13.2.7. Detection rules should be scoped to installations running affected versions.
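The two detection rules above, request-side and response-side, worked through as an added example (this is not code from EpiServer, NVD, or the advisory). It runs over a handful of constructed log lines in an assumed "timestamp client method url status location" format; the trusted host www.example.com is likewise an assumption standing in for the protected site. Beyond the literal interact.sh IOC it also handles the encodings a naive string match misses: double percent-encoding, scheme-relative //host targets, backslash variants, userinfo tricks such as https://www.example.com@evil.example/, and non-http schemes.

```python
"""Detection of the CVE-2020-24550 pattern: open redirect via /find_v2/_click?_t_redirect=.

Added example, not code from EpiServer or the advisory. The log format and the
trusted host list are assumptions for the demonstration.
"""
from urllib.parse import parse_qs, unquote, urlsplit

CLICK_PATH = "/find_v2/_click"        # endpoint named in the advisory
REDIRECT_PARAM = "_t_redirect"        # parameter named in the advisory
TRUSTED_HOSTS = {"www.example.com"}   # assumption: the protected site's own host(s)


def redirect_target_is_external(value, trusted_hosts=TRUSTED_HOSTS):
    """True when a redirect value would take the browser off-site.

    Percent-decodes twice (catches %252F%252F double encoding), turns
    backslashes into slashes (browsers treat '/\\host' like '//host'), then
    compares the parsed hostname with the trusted set. A non-http(s) scheme
    such as javascript: is treated as untrusted too.
    """
    candidate = unquote(unquote(value)).strip().replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return True
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return False  # relative path such as /en/search stays on-site
    return host not in trusted_hosts


def request_finding(request_url):
    """Request-side rule: /find_v2/_click with an external _t_redirect value."""
    parts = urlsplit(request_url)
    if parts.path != CLICK_PATH:
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get(REDIRECT_PARAM, []):
        if redirect_target_is_external(value):
            return f"external {REDIRECT_PARAM}={value!r}"
    return None


def response_finding(request_url, status, location):
    """Response-side rule: 3xx from /find_v2/_click with an external Location."""
    if not (300 <= status < 400) or not location or location == "-":
        return None
    if urlsplit(request_url).path != CLICK_PATH:
        return None
    if redirect_target_is_external(location):
        return f"{status} redirect to {location!r}"
    return None


def scan_log(lines):
    """Apply both rules to 'ts client method url status location' lines (assumed format)."""
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) != 6:
            continue  # skip lines that do not match the assumed layout
        ts, client, method, url, status, location = fields
        reasons = [r for r in (request_finding(url),
                               response_finding(url, int(status), location)) if r]
        if reasons:
            findings.append({"ts": ts, "client": client, "url": url, "reasons": reasons})
    return findings


# Constructed sample log: one benign same-site redirect, the interact.sh IOC from
# the advisory, a double-encoded scheme-relative target, a benign absolute
# same-host redirect, a userinfo trick, and an unrelated request.
SAMPLE_LOG = """\
2021-04-01T10:00:01Z 198.51.100.10 GET /find_v2/_click?_t_id=abc&_t_q=shoes&_t_hit.id=42&_t_redirect=%2Fen%2Fsearch 301 /en/search
2021-04-01T10:00:02Z 203.0.113.5 GET /find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh 301 https://interact.sh
2021-04-01T10:00:03Z 203.0.113.5 GET /find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=%252F%252Fevil.example%252Fx 301 //evil.example/x
2021-04-01T10:00:04Z 198.51.100.11 GET /find_v2/_click?_t_redirect=https%3A%2F%2Fwww.example.com%2Fshoes 301 https://www.example.com/shoes
2021-04-01T10:00:05Z 203.0.113.7 GET /find_v2/_click?_t_redirect=https%3A%2F%2Fwww.example.com%40evil.example%2F 301 https://www.example.com@evil.example/
2021-04-01T10:00:06Z 198.51.100.12 GET /en/shoes 200 -
""".splitlines()


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["ts"], finding["client"], "; ".join(finding["reasons"]))
```

Only the three hostile lines are flagged; the same-site relative and absolute redirects pass, which is what keeps this rule usable on a live Find installation where legitimate clicks go through the same endpoint. Per the third bullet above, feed it only traffic from hosts still running Find before 13.2.7.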

CVSS provenance

NVD · CVSS v3.1 · 6.1 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
NVD · CVSS v2.0 · 5.8 MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:N