nuclei-templates/cves/2020/CVE-2020-24550.yaml

id: CVE-2020-24550

info:
  name: CVE-2020-24550
  author: dhiyaneshDK
  severity: medium
  description: An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
  tags: cve,cve2020,redirect,episerver
  reference: https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/

requests:
  - method: GET

    path:
      - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Location: https://example.com"
        part: header
      - type: status
        status:
          - 301
Create CVE-2020-24550.yaml 2021-04-02 08:41:43 +00:00			`id: CVE-2020-24550`

			`info:`
			`name: CVE-2020-24550`
			`author: dhiyaneshDK`
			`severity: medium`
Update CVE-2020-24550.yaml 2021-04-02 09:01:43 +00:00			`description: An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.`
			`tags: cve,cve2020,redirect,episerver`
Better reference 2021-04-04 09:49:07 +00:00			`reference: https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/`
Create CVE-2020-24550.yaml 2021-04-02 08:41:43 +00:00
			`requests:`
			`- method: GET`

			`path:`
Update CVE-2020-24550.yaml 2021-04-02 09:01:43 +00:00			`- '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com'`

Create CVE-2020-24550.yaml 2021-04-02 08:41:43 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
Update CVE-2020-24550.yaml 2021-04-02 09:01:43 +00:00			`- "Location: https://example.com"`
Create CVE-2020-24550.yaml 2021-04-02 08:41:43 +00:00			`part: header`
			`- type: status`
			`status:`
			`- 301`