Описание
A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal services.
EPSS
Процентиль: 13%
0.00042
Низкий
9.6 Critical
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 9.6
github
4 месяца назад
A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this to enumerate open ports based on response discrepancies and interact with internal services.
EPSS
Процентиль: 13%
0.00042
Низкий
9.6 Critical
CVSS3
Дефекты
CWE-918