CVE-2020-18660
First published: Wed Jun 23 2021(Updated: )
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Get-simple Getsimplecms | <=3.3.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-18660?
CVE-2020-18660 is a vulnerability in GetSimpleCMS <=3.3.15 that allows an attacker to redirect users to malicious websites.
How severe is CVE-2020-18660?
CVE-2020-18660 has a severity rating of 6.1 (medium).
How does CVE-2020-18660 affect GetSimpleCMS?
CVE-2020-18660 affects GetSimpleCMS versions up to and including 3.3.15.
How can the open redirect vulnerability in GetSimpleCMS be exploited?
The open redirect vulnerability in GetSimpleCMS can be exploited through the redirect function in the admin/changedata.php file by manipulating the url parameter.
Is there a fix available for CVE-2020-18660?
Yes, upgrading GetSimpleCMS to version 3.3.16 or later fixes the open redirect vulnerability.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/references
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/get-simple
- canonical/get-simple getsimplecms
- version/get-simple getsimplecms/3.3.15