An attacker can utilise the _t_redirect argument in a constructed URL, such as a /find_v2/_click URL, to redirect visitors to untrusted websites using an Open Redirect vulnerability in EpiServer Find before 13.2.7.
Recommendations
Update EpiServer to the latest version
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days