Server-Side Request Forgery (SSRF) Vulnerability in OpenRefine <= v3.5.2: Unauthorized Access and Sensitive File Disclosure

Server-Side Request Forgery (SSRF) Vulnerability in OpenRefine <= v3.5.2: Unauthorized Access and Sensitive File Disclosure

CVE-2022-41401 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.

Learn more about our Cis Benchmark Audit For Server Software.