CVE-2022-28117

A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:naviwebs:navigate_cms:2.9.4:*:*:*:*:*:*:*

Information

Published : 2022-04-28 08:15

Updated : 2022-05-12 12:43


NVD link : CVE-2022-28117

Mitre link : CVE-2022-28117


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

naviwebs

  • navigate_cms