Invia #299169: EasyAdmin EasyAdmin lastest File Upload, XXE and SSRF Vulnerability
| Titolo | EasyAdmin EasyAdmin lastest File Upload, XXE and SSRF Vulnerability |
|---|---|
| Descrizione | The vulnerability is located at /ureport/designer/saveReportFile, where we can conduct File Upload, XXE, and SSRF attacks. |
| Fonte | ⚠️ https:/ |
| Utente | Southseast (UID 65123) |
| Sottomissione | 15/03/2024 14:45 (2 anni fa) |
| Moderazione | 22/03/2024 11:50 (7 days later) |
| Stato | Accettato |
| Voce VulDB | 257717 [lakernote EasyAdmin fino a 20240315 saveReportFile escalationi di privilegi] |
| Punti | 14 |