Vulnerabilities > CVE-2017-10973 - Server-Side Request Forgery (SSRF) vulnerability in Finecms Project Finecms 2.1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |