Description
It was determined that the web application performs server-side rendering/processing of user-supplied data in an insecure way. An unauthenticated attacker could use this vulnerability to send requests to restricted services. Also, in certain cases, it may be possible to read arbitrary local files on the system.
Remediation
Sanitize user-supplied data.
Related Vulnerabilities
Deserialization of Untrusted Data (Java JSON Deserialization) Fastjson
Ivanti EPM SQLi RCE (CVE-2024-29824)
DNN (DotNetNuke) CMS Cookie Deserialization RCE CVE-2017-9822
WordPress Plugin Dropbox Folder Share Server-Side Request Forgery (1.9.7)
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)