CVE-2024-48107

Oct. 29, 2024, 2:34 p.m.

Product(s) Impacted

SparkShop

  • <=1.1.7

Description

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server.

Weaknesses

Date

Published: Oct. 28, 2024, 9:15 p.m.

Last Modified: Oct. 29, 2024, 2:34 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References