Описание
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function col_url of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely.
Ссылки
- Broken Link
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:maccms:maccms:10.0:2025.1000.4050:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 4.7
github
5 месяцев назад
A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function col_url of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely.
EPSS
Процентиль: 18%
0.00056
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918