Vulnerabilities > CVE-2022-28117 - Server-Side Request Forgery (SSRF) vulnerability in Naviwebs Navigate CMS 2.9.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |