exploitDog

GHSA-xxqh-2vwh-rx4f

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.

Ссылки

EPSS

Процентиль: 35%

0.00141

Низкий

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2020-21788

CVSS3: 4.3

nvd

почти 4 года назад

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.

EPSS

Процентиль: 35%

0.00141

Низкий

CVE ID

Дефекты

CWE-918