Описание
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.
EPSS
Процентиль: 39%
0.00171
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 5.3
github
больше 1 года назад
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.
EPSS
Процентиль: 39%
0.00171
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-918