Vulnerabilities > CVE-2022-42149 - Server-Side Request Forgery (SSRF) vulnerability in Keking Kkfileview 4.0.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
keking
CWE-918
critical

Summary

kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java.

Vulnerable Configurations

Part Description Count
Application
Keking
1

Common Weakness Enumeration (CWE)