Server-Side Request Forgery (SSRF) Vulnerability in Navigate CMS v2.9.4

CVE-2022-28117 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.

Learn more about our Cis Benchmark Audit For Server Software.