Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-25 | CVE-2022-42890 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. | 7.5 |
2022-10-18 | CVE-2022-39055 | Server-Side Request Forgery (SSRF) vulnerability in Changingtec Rava Certificate Validation System 3 RAVA certificate validation system has inadequate filtering for URL parameter. | 5.3 |
2022-10-17 | CVE-2022-42149 | Server-Side Request Forgery (SSRF) vulnerability in Keking Kkfileview 4.0.0 kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java. | 9.8 |
2022-10-14 | CVE-2022-41477 | Server-Side Request Forgery (SSRF) vulnerability in Webidsupport Webid A security issue was discovered in WeBid <=1.2.2. | 9.1 |
2022-10-14 | CVE-2022-36802 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Jira Align The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to access internal network resources via a Server-Side Request Forgery. | 4.9 |
2022-10-13 | CVE-2022-41495 | Server-Side Request Forgery (SSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the rss_url_news parameter at /manager/index.php. | 9.8 |
2022-10-13 | CVE-2022-41496 | Server-Side Request Forgery (SSRF) vulnerability in Idreamsoft Icms 7.0.16 iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php. | 9.8 |
2022-10-13 | CVE-2022-41497 | Server-Side Request Forgery (SSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url parameter at /manager/index.php. | 9.8 |
2022-10-03 | CVE-2022-36551 | Server-Side Request Forgery (SSRF) vulnerability in Heartex Label Studio A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. | 6.5 |
2022-10-03 | CVE-2022-41040 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Server Elevation of Privilege Vulnerability | 8.8 |