Описание
Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at insta_parser.php. This vulnerability allows attackers to use the vulnerable website as proxy to attack other websites or exfiltrate data via a HTTP call.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.2.1 (включая) до 7.0.0 (исключая)
cpe:2.3:a:bontheme:socialfeed_-_photos_\&_video_using_instagram_api:*:*:*:*:*:prestashop:*:*
EPSS
Процентиль: 24%
0.00082
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at insta_parser.php. This vulnerability allows attackers to use the vulnerable website as proxy to attack other websites or exfiltrate data via a HTTP call.
EPSS
Процентиль: 24%
0.00082
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-918