CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 3CVE-2014-9302 – Alfresco - '/cmisbrowser?url' Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2014-9302
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter. Vulnerabilidad de SSRF en el servlet cmisbrowser en Content Management Interoperability Service (CMIS) en Alfresco Community Edition 5.0.a y anteriores permite a atacantes remotos provocar solicitudes salientes a través de una URI manipulada en el parámetro url. • https://www.exploit-db.com/exploits/39259 http://seclists.org/bugtraq/2014/Jul/72 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-0_Alfresco_Community_Edition_Multiple_SSRF_vulnerabilities_v10.txt •