The code describes a URI-redirection vulnerability in Sitecore CMS due to improper input sanitization. It provides a proof-of-concept URL that demonstrates the vulnerability by redirecting users to an arbitrary site.
Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:Sitecore CMS versions 6.4.1 rev. 110324 and prior
No auth needed
Prerequisites:A vulnerable version of Sitecore CMS · User interaction to click on a malicious link