Описание
The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
Ссылки
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchRelease NotesVendor Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchRelease NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.7 (включая)Версия до 1.8.7 (включая)
Одно из
cpe:2.3:a:mybb:merge_system:*:*:*:*:*:*:*:*
cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00652
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 7.4
github
больше 3 лет назад
The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
EPSS
Процентиль: 70%
0.00652
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918