Lucene search
MitreCVELIST:CVE-2024-25737HistoryJan 01, 1976 - 12:00 a.m.
CVE-2024-25737
1976-01-0100:00:00
mitre
www.cve.org
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying arbitrary URLs via the proxy GET parameter.
Related
cve
cve
CVE-2024-25737
2024-05-22 19:15:08
nvd
nvd
CVE-2024-25737
2024-05-22 19:15:08
osv
osv
VuFind Server-Side Request Forgery (SSRF) vulnerability
2024-05-22 21:30:34
CVE-2024-25737
2024-05-22 19:15:08
github
github
VuFind Server-Side Request Forgery (SSRF) vulnerability
2024-05-22 21:30:34
veracode
veracode
Server-Side Request Forgery (SSRF)
2024-05-27 07:16:27