CVE-2018-9920

2018-05-24T13:29:00
ID CVE-2018-9920
Type cve
Reporter cve@mitre.org
Modified 2019-02-27T20:41:00

Description

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.