4 matches found
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106 Lithium Forum Compose Message server-side request forgery
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
The CVE-2017-20106 entry concerns Lithium Forum 2017 Q1. A server-side request forgery (SSRF) vulnerability arises from manipulating the upload_url argument in the Compose Message Handler component. The attack requires local access, and public exploits have been disclosed. Documented impact indic...