2 matches found
Security Bulletin: IBM Content Navigator is vulnerable to Server Side Request Forgery leading to Arbitrary File Read due to Oracle Outside In Technology (CVE-2023-35896)
Summary Oracle Outside In Technology is used in some configurations of IBM Content Navigator as part of the document viewer. CVE-2023-35896. Vulnerability Details CVEID:CVE-2023-35896 DESCRIPTION: IBM Content Navigator is vulnerable to server-side request forgery SSRF. This may allow an...
CVE-2023-35896
IBM Content Navigator is affected by CVE-2023-35896 via SSRF in versions 3.0.11, 3.0.13, and 3.0.14 due to Oracle Outside In Technology in the viewer. The root cause is a server-side request forgery that can allow an authenticated attacker to issue unauthorized requests from the system, potential...