Vulnerability in Episerver detected by Holm Security

Holm Security’s security team is working hard to detect new vulnerabilities in widely used CMS systems. Many of our customers use Episerver, where we recently discovered a vulnerability. The websites affected range from government agencies to large companies.

Holm Security discovered a vulnerability in EPiServer’s SiteSeeker product. The vulnerability means that JavaScript in affected web pages can be modified to include malware from another seemingly trustworthy domain. EPiServer has been informed of the vulnerability and they have developed a hotfix for this vulnerability in EPiServer CMS version 11.0.1. EPiServer refers customers to “EPiServer internal ticket ID: ESEE-61”.

Some examples of affected web pages are:

• The National Board of Housing, Building and Planning
• MSB
• Region Östergötland
• Lerum municipality
• Energy Agency
• The Swedish Transport Administration
• TRR Trygghetsrådet
• The Public Health Agency of Sweden
• Västervik municipality
• Gävle fastigheter (real estate)
• Kalmar county council
• Red Cross
• ESF Council
• Konstfack
• Värmland county council
• The Financial Supervisory Authority of Sweden