Open Redirect in EpiServer

Published on

10 Jan 2022

Vulnerability

Description

An attacker can utilise the _t_redirect argument in a constructed URL, such as a /find_v2/_click URL, to redirect visitors to untrusted websites using an Open Redirect vulnerability in EpiServer Find before 13.2.7.

Recommendations

Update EpiServer to the latest version

Experience the Beagle Security platform

Unlock one full penetration test and all Advanced plan features free for 10 days

Open Redirect in EpiServer

Description

Recommendations

Related Articles