CVE-2024-25187 - CERT CVE

  1. CVE-2024-25187

ID CVE-2024-25187
Sažetak Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html.
Reference
CVSS
Base: 8.6
Impact: 4.7
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Zadnje važnije ažuriranje 10-06-2025 - 00:46
Objavljeno 02-04-2024 - 04:15