exploitDog

GHSA-52cx-m9j4-rq34

Опубликовано: 07 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery.

An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery.

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2024-33857

CVSS3: 9.6

nvd

почти 2 года назад

An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery.

EPSS

Процентиль: 43%

0.00206

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-918