4 matches found
CVE-2022-24789
C1 CMS is an open-source, .NET based Content Management System CMS. Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery SSRF by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...
CVE-2022-24789 Deserialization of untrusted data in C1 CMS.
C1 CMS is an open-source, .NET based Content Management System CMS. Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery SSRF by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...
CVE-2022-24789
C1 CMS vulnerability CVE-2022-24789 affects the .NET-based C1 CMS before version 6.12. An authenticated user can trigger SSRF, causing the server to issue arbitrary GET requests to internal/local network resources, and may also truncate files to zero size, leading to DoS or logic alteration. Root...
CVE-2022-24789 Deserialization of untrusted data in C1 CMS.
C1 CMS is an open-source, .NET based Content Management System CMS. Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery SSRF by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...