3 matches found
CVE-2022-41949
DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...
CVE-2022-41949
CVE-2022-41949 affects DHIS 2 core. An authenticated DHIS2 user can craft a request that makes the server fetch external resources, enabling a semi‑blind Server-Side Request Forgery (SSRF) in the dhis2-core component. This can allow an attacker to identify vulnerable services not publicly exposed...
CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core
DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...