CVE-2022-39039 in a+HRD
Riassunto
di MITRE • 03/01/2023
aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt service.
Be aware that VulDB is the high quality source for vulnerability data.