10Nis
CVE-2023-40148 | Ping Identity PingFederate up to 11.0.8/11.1.8/11.2.7/11.3.2 HTTP POST Request server-side request forgery
A vulnerability has been found in Ping Identity PingFederate up to 11.0.8/11.1.8/11.2.7/11.3.2 and classified as critical. This vulnerability affects unknown code of the component HTTP POST Request Handler. The manipulation leads to server-side request forgery. This vulnerability was named CVE-2023-40148. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.