Lucene search
+L

17 matches found

nuclei
nuclei
added 6 hours ago85 views

Apache Druid - Server-Side Request Forgery

Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid.This issue affects all previous Druid versions.When using the Druid management proxy, a request tha...

5.8CVSS6.9AI score0.01656EPSS
Exploits0References2
snyk
snyk
added 2025/03/20 12:32 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the concatenateForRewrite method in JettyUtils when the management proxy is enabled - which it is in the default configuration. An attacker can manipulate the URL to redirect requests to an arbitrary...

5.8CVSS7.2AI score0.01656EPSS
Exploits0References4
osv
osv
added 2025/03/20 12:32 p.m.11 views

GHSA-2XCR-P767-F3RV Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect

Severity: medium 5.8 / important Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the...

5.8CVSS6.2AI score0.01656EPSS
Exploits0References6
nvd
nvd
added 2025/03/20 12:15 p.m.29 views

CVE-2025-27888

Severity: medium 5.8 / important Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the...

5.8CVSS0.01656EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/03/20 11:29 a.m.13 views

CVE-2025-27888 Apache Druid: Server-Side Request Forgery and Cross-Site Scripting

Severity: medium 5.8 / important Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the...

5.8CVSS5.9AI score0.01656EPSS
Exploits0References1
cvelist
cvelist
added 2025/03/20 11:29 a.m.54 views

CVE-2025-27888 Apache Druid: Server-Side Request Forgery and Cross-Site Scripting

Severity: medium 5.8 / important Server-Side Request Forgery SSRF, Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the...

5.8CVSS0.01656EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/03/19 12:0 a.m.8 views

PT-2025-12331

Apache Druid and Affected Versions Apache Druid versions prior to 31.0.2 and prior to 32.0.1 Description Apache Druid is susceptible to Server-Side Request Forgery SSRF, Cross-Site Scripting XSS, and Open Redirect issues. When the Druid management proxy is used, a specially crafted URL in a reque...

7.5CVSS5.7AI score0.01656EPSS
Exploits0References26
cnnvd
cnnvd
added 2024/07/09 12:0 a.m.5 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in idcCMS v1.35, which originates from a cross-site request forgery vulnerability in the...

5.3CVSS6.8AI score0.00173EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/09 12:0 a.m.4 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology Net Titanium Technology. A security vulnerability exists in idcCMS v1.35, which originates from a cross-site request forgery vulnerability in the...

8.8CVSS6.8AI score0.00295EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/05 12:0 a.m.5 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS version 1.35, which is vulnerable to cross-site request forgery CSRF attacks...

8.8CVSS6.8AI score0.00296EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/05 12:0 a.m.5 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS version 1.35, which is vulnerable to cross-site request forgery CSRF attacks...

5.4CVSS6.8AI score0.00185EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/05 12:0 a.m.4 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS version 1.35, which is vulnerable to cross-site request forgery CSRF attacks...

5.4CVSS6.8AI score0.00195EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/05 12:0 a.m.4 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS version 1.35, which is vulnerable to cross-site request forgery CSRF attacks...

6.3CVSS6.8AI score0.00192EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/07/05 12:0 a.m.3 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS version 1.35, which is vulnerable to cross-site request forgery CSRF attacks...

8.8CVSS6.8AI score0.00296EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/06/27 12:0 a.m.4 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS v1.35, which originates from the component /admin/ipRecorddeal.php?mudi=add that contains cross-sit...

6.8CVSS6.8AI score0.00205EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/06/27 12:0 a.m.4 views

idcCMS Security Breach

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology, Inc. A security vulnerability exists in idcCMS v1.35, which originates from the component /admin/keyWorddeal.php?mudi=add containing a cross-site...

3.8CVSS6.8AI score0.00196EPSS
Exploits1References2
cnnvd
cnnvd
added 2024/04/25 12:0 a.m.6 views

Net Titanium Technology idcCMS 跨站请求伪造漏洞

Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Proxy System is a cloud management proxy system from China's Net Titanium Technology Net Titanium Technology. A cross-site request forgery vulnerability exists in version 1.35 of idcCMS, which originates from the file...

5CVSS6.7AI score0.00434EPSS
Exploits1References5
Rows per page
Query Builder