Vulnerabilities > CVE-2024-4894
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.