Description
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.
Remediation
References
https://github.com/youseries/ureport/issues/483
Related Vulnerabilities
CVE-2023-5573 Vulnerability in npm package @vrite/sdk
CVE-2022-23223 Vulnerability in maven package org.apache.shenyu:shenyu-common
CVE-2019-12409 Vulnerability in maven package org.apache.solr:solr-core
CVE-2020-7661 Vulnerability in maven package org.webjars.npm:url-regex
CVE-2018-20834 Vulnerability in maven package org.webjars.npm:tar