Vulnerability: b2evolution CMS <6.11.6 - Open Redirect

b2evolution CMS before 6.11.6 contains an open redirect vulnerability via the redirect_to parameter in email_passthrough.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.

Impact

This vulnerability can be exploited by attackers to trick users into visiting malicious websites, potentially leading to phishing attacks, malware infections, or unauthorized access to sensitive information.

Severity

medium

Verified

Unknown