This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Open Redirect via `_t_redirect` parameter in crafted URLs (e.g., `/find_v2/_click`). π₯ **Consequences**: Users are redirected to untrusted/malicious sites.β¦
π΅οΈ **Attacker Action**: Craft a malicious URL with a redirect target. π― **Impact**: Trick users into visiting malicious sites. Potential to steal sensitive info or modify data via social engineering.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **LOW**. π **Auth**: No authentication required. βοΈ **Config**: Exploitable via simple URL manipulation. Easy to distribute via phishing links.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π **Public Exp**: **YES**. π **PoC**: Available via Nuclei templates (`CVE-2020-24550.yaml`). π **Wild Exploitation**: Likely, due to simplicity.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for `/find_v2/_click` endpoints. π§ͺ **Test**: Inject malicious URL into `_t_redirect` parameter. Check if browser redirects to the external domain.
Q8Is it fixed officially? (Patch/Mitigation)
π οΈ **Fix**: **YES**. π₯ **Patch**: Upgrade to **EpiServer Find 13.2.7** or later. β **Status**: Officially patched.
Q9What if no patch? (Workaround)
π§ **No Patch?**: Implement WAF rules to block redirects to untrusted domains. π« **Mitigation**: Validate `_t_redirect` parameter against a whitelist of allowed hosts.
Q10Is it urgent? (Priority Suggestion)
β οΈ **Priority**: **MEDIUM-HIGH**. π **Urgency**: Patch immediately if exposed. Critical for user trust and security hygiene. Low barrier to exploit makes it attractive for attackers.