CVE-2024-48107 | THREATINT

Description

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server.

PUBLISHED Reserved 2024-10-08 | Published 2024-10-28 | Updated 2024-10-30 | Assigner mitre

References

gitee.com/sparkshop/sparkshop

gist.github.com/RMAX2000/ebb654016e5b8a5b55aa6d8a7f2f321a

cve.org (CVE-2024-48107)

nvd.nist.gov (CVE-2024-48107)

Download JSON