CVE-2024-41305 - CERT CVE

  1. CVE-2024-41305

ID CVE-2024-41305
Sažetak A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter.
Reference
CVSS
Base: 4.7
Impact: 3.4
Exploitability:1.2
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Zadnje važnije ažuriranje 08-08-2024 - 14:36
Objavljeno 30-07-2024 - 18:15