Exploit for Grav <1.7 - Open Redirect (CVE-2020-11529)

Description:

Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still present in 1.6.x.

Nuclei Template

View the template here: CVE-2020-11529.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-11529.yaml

References:

https://github.com/getgrav/grav/commit/2eae104c7a4bf32bc26cb8073d5c40464bfda3f7
https://github.com/getgrav/grav/issues/3134
https://getgrav.org/#changelog
https://nvd.nist.gov/vuln/detail/CVE-2020-11529
https://github.com/ARPSyndicate/kenzer-templates