Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:13 p.m.14 views

CVE-2020-8902

Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...

4.3CVSS6.7AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2021/02/23 12:15 p.m.36 views

CVE-2020-8902

Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...

4.3CVSS0.00325EPSS
Exploits0References1
OSV
OSV
added 2021/02/23 12:15 p.m.23 views

CVE-2020-8902

Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery SSRF attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are t...

4.3CVSS6.7AI score
Exploits0References1
CVE
CVE
added 2021/02/23 12:0 p.m.60 views

CVE-2020-8902

Summary (CVE-2020-8902): Rendertron versions prior to 3.0.0 are vulnerable to an SSRF flaw. An attacker can craft a webpage that causes a headless Chrome process used by Rendertron to render internal sites accessible to the system, potentially exposing internal resources as screenshots. Affected ...

4.3CVSS4.2AI score0.00325EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder