Episerver Find

A Unvalidated Redirect vulnerability in EpiServer Find <=13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.

Exploit

https://<vulnerable>/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://www.example.com

Link to CVE-2020-24550