CVE-2020-18660
published 2021-06-23CVE-2020-18660: GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
PriorityP424medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
1.29%
66.5th percentile
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| get-simple | getsimplecms | <= 3.3.15 | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1310https://github.com/LoRexxar/CVE_Request/blob/master/getsimplecms%20v3.3.15/getsimplecms_before_v3.3.15.mdhttps://www.seebug.org/vuldb/ssvid-97928https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1310https://github.com/LoRexxar/CVE_Request/blob/master/getsimplecms%20v3.3.15/getsimplecms_before_v3.3.15.mdhttps://www.seebug.org/vuldb/ssvid-97928
2021-06-23
Published