Impact
The vulnerability allows an authenticated user to:
- Exploit SSRF by making the server make arbitrary GET requests to other servers in the local network or on localhost.
- Truncate arbitrary files to zero size (effectively delete them) that may lead to denial of service (DoS) or altering application logic.
The authenticated user may perform the actions unknowingly by visiting a specially crafted site.
Patches
Patched in C1 CMS v6.12
Workarounds
Upgrade to C1 CMS v6.12 or newer is required
Credit
This issue was discovered and reported by GHSL team member @JarLob (Jaroslav Lobačevski).
Impact
The vulnerability allows an authenticated user to:
The authenticated user may perform the actions unknowingly by visiting a specially crafted site.
Patches
Patched in C1 CMS v6.12
Workarounds
Upgrade to C1 CMS v6.12 or newer is required
Credit
This issue was discovered and reported by GHSL team member @JarLob (Jaroslav Lobačevski).