2 matches found
CVE-2023-3578
CVE-2023-3578 concerns DedeCMS 5.7.109, where manipulation of the rssurl parameter in co_do.php triggers a server-side request forgery (SSRF). The Nuclei template confirms the vulnerability and notes potential impact including sensitive data exposure and possible server compromise. Remediation: a...
CVE-2023-3578 DedeCMS co_do.php server-side request forgery
A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file codo.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The...