SSRF Vulnerability in LuquidPixels LiquiFire OS 4.8.0 via call%3Durl Substring

SSRF Vulnerability in LuquidPixels LiquiFire OS 4.8.0 via call%3Durl Substring

CVE-2019-20055 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.

Learn more about our Web Application Penetration Testing UK.