A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.
References
Link | Resource |
---|---|
https://github.com/zer0yu/CVE_Request/blob/master/baijiacms/baijiacmsv4_ssrf.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-20T19:58:59
Updated: 2022-09-20T19:58:59
Reserved: 2022-08-29T00:00:00
Link: CVE-2022-38931
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-20T20:15:10.407
Modified: 2022-09-21T20:05:46.990
Link: CVE-2022-38931
JSON object: View
Redhat Information
No data.
CWE