CVE-2024-13032

MEDIUM Year: 2024
CVSS v3 Score
4.9
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-918
View all →

Vulnerability Description

A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2018-1999017

MEDIUM
CVSS:4.9(Medium)

Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authentic...

CWE-9182018

CVE-2019-7616

MEDIUM
CVSS:4.9(Medium)

Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set th...

CWE-9182019

CVE-2020-14023

MEDIUM
CVSS:4.9(Medium)

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

CWE-9182020

CVE-2020-5562

MEDIUM
CVSS:4.9(Medium)

Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote attacker with an administrative privilege to issue arbitrary HTTP requests to other web servers via V-C...

CWE-9182020

CVE-2021-25972

MEDIUM
CVSS:4.9(Medium)

In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails...

CWE-9182021

CVE-2021-32698

MEDIUM
CVSS:4.9(Medium)

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see t...

CWE-9182021