Reflected XSS Vulnerability in b2evolution CMS by b2evolution
CVE-2020-22839

6.1MEDIUM

Key Information:

Vendor: B2evolution
Status: B2evolution Cms
Vendor: CVE Published:; 9 February 2021

🔔 Create B2evolution Vulnerability Alert

What is CVE-2020-22839?

A reflected cross-site scripting (XSS) vulnerability exists in the evoadm.php file of b2evolution CMS version 6.11.6-stable. This vulnerability enables remote attackers to inject arbitrary web scripts or HTML code via the 'tab3' parameter. Successful exploitation could lead to harmful scripts being executed in users' browsers, which poses significant security risks and undermines user trust.