Описание
In Mendix 7.23.5 and earlier, the Excel importer module is vulnerable to SSRF, which allows attackers to craft requests from Mendix servers to any destination on the internet or a Mendix internal network, perform port scanning, and disclose lists of files located on Mendix servers.
In Mendix 7.23.5 and earlier, the Excel importer module is vulnerable to SSRF, which allows attackers to craft requests from Mendix servers to any destination on the internet or a Mendix internal network, perform port scanning, and disclose lists of files located on Mendix servers.
Связанные уязвимости
CVSS3: 5.3
nvd
больше 6 лет назад
In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTYPE declarations in the XML input that is potentially unsafe.