3 matches found
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
CVE-2022-43140
kkFileView 4.1.0 is vulnerable to a Server-Side Request Forgery (SSRF) in cn.keking.web.controller.OnlinePreviewController#getCorsFile. By injecting crafted URLs into the url parameter, an attacker can force the application to make arbitrary outbound requests, potentially exposing internal resour...