GHSA-Q862-GCGQ-5M6G HAXcms createSite SSRF Enables Arbitrary File Read
Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...