How severe is CVE-2024-30420?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2024-30420?

This is classified as CWE-918, which is a common weakness in software security.

CVE-2024-30420 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may obtain arbitrary files on the server and information on the internal server that is not disclosed to the public.

Related Vulnerabilities

CVE-2017-20106

MEDIUM

CVSS:4.4(Medium)

A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the...

CWE-9182017

CVE-2022-44730

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / da...

CWE-9182022

CVE-2023-20002

MEDIUM

CVSS:4.4(Medium)

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerab...

CWE-9182023

CVE-2024-32454

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more –...

CWE-9182024

CVE-2024-33627

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

CWE-9182024

CVE-2024-33629

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0.

CWE-9182024