Server side request forgery (ssrf)

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...