• caglararli@hotmail.com
  • 05386281520

CVE-2024-48346 | xtreme1 up to 0.9.1 /api/data/upload fileUrl server-side request forgery (Issue 284)

Çağlar Arlı      -    3 Views

CVE-2024-48346 | xtreme1 up to 0.9.1 /api/data/upload fileUrl server-side request forgery (Issue 284)

A vulnerability classified as critical was found in xtreme1 up to 0.9.1. This vulnerability affects unknown code of the file /api/data/upload. The manipulation of the argument fileUrl leads to server-side request forgery. This vulnerability was named CVE-2024-48346. Access to the local network is required for this attack. There is no exploit available.