CVE-2018-1000138

2018-03-23T17:29:00
ID CVE-2018-1000138
Type cve
Reporter NVD
Modified 2018-04-13T09:16:25

Description

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.