Exploitation Summary
EIP tracks 1 public exploit for CVE-2020-22840. PoCs published by Nakul Ratti. A Nuclei detection template is also available.
AI-analyzed exploit summary: This is a writeup describing an open redirect vulnerability in b2evolution 6.11.6. The exploit involves crafting a URL with a malicious 'redirect_to' parameter to redirect users to an attacker-controlled domain.
Description
Open redirect vulnerability in b2evolution CMS versions prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker-controlled resource via the redirect_to parameter in email_passthrough.php.
Exploits (1)
Nuclei Templates (1)
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N