Vulnerabilities > CVE-2019-11574 - Server-Side Request Forgery (SSRF) vulnerability in Simplemachines Simple Machine Forum
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 11 |