← Back to CVEs
CVE-2020-36912
CRITICAL9.8
Description
Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'PantallaLogin' script that allows attackers to manipulate the 'pagina' GET parameter. Attackers can craft malicious links that redirect users to arbitrary websites by exploiting improper input validation in the parameter.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published1/6/2026
Last Modified1/8/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-601
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/185521(disclosure@vulncheck.com)
https://packetstormsecurity.com/files/158473(disclosure@vulncheck.com)
https://www.plexus.es/(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/plexus-anblick-digital-signage-management-open-redirect-via-pagina-parameter(disclosure@vulncheck.com)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5573.php(disclosure@vulncheck.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.