Description
Kity Minder v1.3.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php.
Remediation
References
https://github.com/fex-team/kityminder/issues/345
Related Vulnerabilities
CVE-2021-25987 Vulnerability in npm package hexo
CVE-2020-7690 Vulnerability in maven package org.webjars:jspdf
CVE-2022-31167 Vulnerability in maven package org.xwiki.platform:xwiki-platform-security
CVE-2022-25927 Vulnerability in maven package org.webjars.npm:github-com-faisalman-ua-parser-js
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core