CVE-2017-10973
FineCMS before 2017-07-06 is affected by a server-side request forgery (SSRF) in application/lib/ajax/get_image_data.php, related to processing requests for non-image files with a modified HTTP Host header. Root cause appears to be improper handling of user-controlled Host header leading to unint...