3 matches found
CVE-2021-22958
A Server-Side Request Forgery vulnerability was found in concrete5 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services. Impact can vary depending on services exposed.CVSSv2.0...
CVE-2021-22958
CVE-2021-22958 affects concrete5 before 8.5.5. The vulnerability is a Server-Side Request Forgery where a decimal notation encoded IP can bypass localhost restrictions, enabling interaction with internal services. Impact is described as high for confidentiality, integrity, and availability (per C...
CVE-2021-22958
A Server-Side Request Forgery vulnerability was found in concrete5 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services. Impact can vary depending on services exposed.CVSSv2.0...