S4E

CVE-2020-24550 Scanner

Detects 'Open Redirect' vulnerability in EpiServer Find affects v. before 13.2.7.

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 seconds

Time Interval

1 month 3 days

Scan only one

URL

Toolbox

-

EpiServer Find is a powerful search solution that helps website owners improve their website's search experience. It works by indexing the website's content, making it easier for visitors to search for the information they need. This product is widely used by businesses because of its high performance and ease of use. 

However, a vulnerability code named CVE-2020-24550 was recently detected in EpiServer Find before version 13.2.7. This vulnerability allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL. This can be achieved by tricking users into clicking on a malicious link. 

When exploited, this vulnerability can lead to serious consequences. For example, attackers can redirect users to fake login pages and steal their credentials. They can also redirect users to websites that are infected with malware, which can lead to the compromise of sensitive data. In addition, attackers can use this vulnerability to spread phishing emails and other types of malicious content. 

In conclusion, if you're concerned about the security of your digital assets, the pro features of the s4e.io platform can be of great help. With our platform, you can easily and quickly learn about vulnerabilities in your digital assets. We offer a wide range of security tools and services, including vulnerability scanning, malware detection, and security consulting. So, don't hesitate to contact us today to learn more about how we can help you secure your digital assets.

 

REFERENCES

Get started to protecting your Free Full Security Scan