CVE-2020-11529
published 2020-04-04

CVE-2020-11529: Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.

Priority: P341
Severity: medium, 6.1 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
EXPLOIT
EPSS: 10.88% (95.3th percentile)

Affected (2 ranges)

Vendor    Product   Version range      Fixed in
getgrav   grav      <= 1.6.31          -
getgrav   grav      >= 0, < 1.6.23     1.6.23

Detection & IOCs (extracted from sources)

url:  {{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/
path: common/Grav.php
  • Send a GET request with a double-URL-encoded open redirect payload in the path (%252f%255c) targeting the Grav CMS base URL and inspect the HTTP Location response header for an external redirect to a controlled domain.
  • The vulnerability resides in common/Grav.php; monitor or audit this file for unvalidated redirect logic in Grav versions prior to 1.7 (partially fixed in 1.6.23, still present in 1.6.x).
  • The fix is only partial in 1.6.23; systems running any 1.6.x release remain vulnerable even after applying the partial patch. Full remediation requires upgrading to 1.7 or later.

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.1      6.1     MEDIUM     CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd      v2.0      5.8     MEDIUM     AV:N/AC:M/Au:N/C:P/I:P/A:N