Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:9 a.m.6 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation aka dif extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.5CVSS7AI score0.01201EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/19 3:48 a.m.34 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation aka dif extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.8AI score0.01201EPSS
Exploits0References2
CVE
CVE
added 2022/02/19 3:48 a.m.100 views

CVE-2022-24980

The CVE-2022-24980 issue affects Kitodo.Presentation (dlf) in TYPO3 before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4, where a missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs. This enables server-side request forgery (SSRF), letting an attacker v...

7.5CVSS7.5AI score0.01201EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/19 3:48 a.m.13 views

CVE-2022-24980

An issue was discovered in the Kitodo.Presentation aka dif extension before 2.3.2, 3.x before 3.2.3, and 3.3.x before 3.3.4 for TYPO3. A missing access check in an eID script allows an unauthenticated user to submit arbitrary URLs to this component. This results in SSRF, allowing attackers to vie...

7.5CVSS7.3AI score0.01201EPSS
Exploits0References4
Rows per page
Query Builder