Hello, We are glad to inform you about the vulnerabilities we reported in GetSimpleCMS 3.3.13.
Here are the details: Advisory by Netsparker Name: Open Redirection Vulnerability in GetSimpleCMS Affected Software: GetSimpleCMS Affected Versions: 3.3.13 Homepage: http://get-simple.info/ Vulnerability: Open Redirection Severity: Medium Status: Not Fixed CVSS Score (3.0): AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Netsparker Advisory Reference: NS-18-056 URL : http://GetSimpleCMS-3.3.13/admin/index.php?redirect=http://r87.com/?localhost/ Parameter Name : redirect Parameter Type : GET Attack Pattern : http://r87.com/?localhost/ Github: https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300 For more information on Open Redirection vulnerabilities read the article Open Redirection. For more information: https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/ Regards, Daniel Bishtawi Marketing Administrator | Netsparker Web Application Security Scanner Tel: +44 (0)20 3588 3843 Follow us on Twitter <https://twitter.com/netsparker> | LinkedIn <https://www.linkedin.com/company/netsparker-ltd> | Facebook <https://facebook.com/netsparker> <https://www.netsparker.com/blog/events/exhibiting-rsa-conference-san-francisco-usa-2019/> _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
