Описание
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.
EPSS
Процентиль: 34%
0.00136
Низкий
7.7 High
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 7.7
github
около 1 года назад
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.
EPSS
Процентиль: 34%
0.00136
Низкий
7.7 High
CVSS3
Дефекты
CWE-918