Описание
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used.
Ссылки
- Broken Link
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:maccms:maccms:10.0:2025.1000.4050:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 4.7
github
5 месяцев назад
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used.
EPSS
Процентиль: 18%
0.00056
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-918