Описание
Server-Side Request Forgery in UReport
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.
Пакеты
Наименование
com.bstek.ureport:ureport2-console
maven
Затронутые версииВерсия исправления
<= 2.2.9
Отсутствует
Связанные уязвимости
CVSS3: 5.3
nvd
больше 4 лет назад
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.