SSRF Vulnerability in wcms/wcms/wex/html.php #11
Hi, dev team!
There is SSRF Vulnerability in
The vulnerable code is:
Server Side Request Forgery (SSRF) vulnerabilities let an attacker send crafted requests from the back-end server of a vulnerable web application. It can help identify open ports, local network hosts and execute command on services (for example redis, by using
To prevent vulnerability use next manual: https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html
Please let me know about any fixes, I would like to register CVE number.
The text was updated successfully, but these errors were encountered:
Here is POC:
I was listening 60001 local port and got a request from backend.