Vulnerabilities > CVE-2022-41401 - Server-Side Request Forgery (SSRF) vulnerability in Openrefine

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
openrefine
CWE-918

Summary

OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.

Common Weakness Enumeration (CWE)