Описание
hopetree izone lts c011b48 contains a server-side request forgery (SSRF) vulnerability in the active push function as \apps\tool\apis\bd_push.py does not securely filter user input through push_urls() and get_urls().
EPSS
Процентиль: 54%
0.00307
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-918
Связанные уязвимости
github
около 1 года назад
hopetree izone lts c011b48 contains a server-side request forgery (SSRF) vulnerability in the active push function as \\apps\\tool\\apis\\bd_push.py does not securely filter user input through push_urls() and get_urls().
EPSS
Процентиль: 54%
0.00307
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-918