Vulnerabilities > CVE-2023-48204 - Server-Side Request Forgery (SSRF) vulnerability in Publiccms 4.0.202302.E

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
publiccms
CWE-918

Summary

An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtain sensitive information via the appToken and Parameters parameter of the api/method/getHtml component.

Vulnerable Configurations

Part Description Count
Application
Publiccms
1

Common Weakness Enumeration (CWE)