Server side request forgery (ssrf)

2022-10-3121:15:00

PRIOn knowledge base

www.prio-n.com

ssrf

server-side request forgery

vulnerability

backend server

unexpected endpoints

internal services

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading to attacks in other downstream systems.

CPENameOperatorVersion
php_point_of_saleeq19.0

CPE	Name	Operator	Version
	php_point_of_sale	eq	19.0

References

www.themissinglink.com.au/security-advisories/cve-2022-40296