I, Librarian version 4.8 and earlier contains a SSRF vulnerability in “url” parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.
CPE | Name | Operator | Version |
---|---|---|---|
i-librarian | eq | 4.2 | |
i-librarian | eq | 4.5 | |
i-librarian | eq | 4.4 | |
i-librarian | eq | 3.4.1 | |
i-librarian | eq | 3.2.1 | |
i-librarian | eq | 4.0 | |
i-librarian | eq | 4.1 | |
i-librarian | eq | 3.3 | |
i-librarian | eq | 3.5 | |
i-librarian | eq | 3.1 |