Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.
History

Fri, 20 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-10-02T13:50:31.607Z

Updated: 2024-09-20T14:52:59.983Z

Reserved: 2023-07-18T07:17:40.669Z

Link: CVE-2023-3744

cve-icon Vulnrichment

Updated: 2024-08-02T07:01:57.471Z

cve-icon NVD

Status : Modified

Published: 2023-10-02T14:15:09.933

Modified: 2024-11-21T08:17:57.917

Link: CVE-2023-3744

cve-icon Redhat

No data.