Описание
A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data exposure.
EPSS
Процентиль: 10%
0.00035
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 6.5
github
7 месяцев назад
A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data exposure.
EPSS
Процентиль: 10%
0.00035
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-918