47 matches found
Server side request forgery (ssrf)
C1 CMS is an open-source, .NET based Content Management System CMS. Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery SSRF by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...
Orckestra C1 CMS 代码问题漏洞
Orckestra C1 CMS is an open source web content management system CMS based on . A code issue vulnerability exists in Orckestra C1 CMS versions prior to 6.12 that allows an authenticated attacker to send arbitrary GET requests through the server to other servers on the local network or localhost...
GHSA-FMJ2-7WX8-QJ4V Server-side request forgery (SSRF) in Apache XmlGraphics Commons
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
Server-side request forgery (SSRF) in Apache XmlGraphics Commons
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
GHSA-2H63-QP69-FWVW Server-side request forgery (SSRF) in Apache Batik
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
Fedora 33 : xmlgraphics-commons (2021-c07a9e79cf)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c07a9e79cf advisory. - Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
Fedora 33 : batik (2021-33a1b73e48)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-33a1b73e48 advisory. - Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a...
MGASA-2021-0139 Updated batik packages fix a security vulnerability
The Apache Batik library is vulnerable to SSRF via the NodePickerPanel that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11987...
Apache XmlGraphics Commons Server-Side Request Forgery Vulnerability
Apache XmlGraphics Commons is Apach open source a system library . Provides several reusable libraries. Apache XmlGraphics Commons 2.4 suffers from a server-side request forgery vulnerability that stems from the failure of XMPParser to properly validate inputs, which can be exploited by an attack...
Apache Batik Server-Side Request Forgery Vulnerability
Apache Batik is Apach open source a system library . Provides scalable vector graphics SVG format images for various purposes applications or applets. Apache Batik version 1.13 suffers from a server-side request forgery vulnerability, which is caused by a failure of NodePanel to properly validate...
DEBIAN-CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
Server side request forgery (ssrf)
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
Apache XmlGraphics Commons 代码问题漏洞
Apache XmlGraphics Commons is Apach open source a system library . Provides several reusable libraries. Apache XmlGraphics Commons 2.4 suffers from a server-side request forgery vulnerability that stems from the failure of XMPParser to properly validate inputs, which can be exploited by an attack...
batik: SSRF via "xlink:href"
A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack SSRF via "xlink:href" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system...
DEBIAN-CVE-2019-17566
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
UBUNTU-CVE-2019-17566
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
batik: SSRF via "xlink:href"
A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack SSRF via "xlink:href" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system...
OPENSUSE-SU-2020:1043-1 Security update for xmlgraphics-batik
This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests bsc1172961. This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the...