QRadar Community Edition 7.3.1.6 Server Side Request Forgery Vulnerability

QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS feed URL. Due to the lack of URL validation whitelisting, it is possible for authenticated...