An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24550
Reference (s):
- https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/