SSRF Vulnerability in I, Librarian Version 4.8 and Earlier: Abusing Server Functionality to Access Internal Resources
CVE-2018-1000138 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.
Learn more about our Web App Pen Testing.