CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CVE-2022-1398 (GCVE-0-2022-1398)
Vulnerability from cvelistv5 – Published: 2022-05-16 14:30 – Updated: 2024-08-03 00:03 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/5440d177-e995-40… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| Unknown | External Media without Import | Affected: 1.1.2, ≤ 1.1.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/5440d177-e995-403e-b2c9-42ceda14579e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "External Media without Import",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Luan Pedersini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated users, such as subscriber to perform blind SSRF attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T14:30:53.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/5440d177-e995-403e-b2c9-42ceda14579e"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "External Media without Import \u003c= 1.1.2 - Subscriber+ Blind SSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1398",
"STATE": "PUBLIC",
"TITLE": "External Media without Import \u003c= 1.1.2 - Subscriber+ Blind SSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "External Media without Import",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.1.2",
"version_value": "1.1.2"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Luan Pedersini"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated users, such as subscriber to perform blind SSRF attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/5440d177-e995-403e-b2c9-42ceda14579e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5440d177-e995-403e-b2c9-42ceda14579e"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1398",
"datePublished": "2022-05-16T14:30:53.000Z",
"dateReserved": "2022-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:03:06.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1592 (GCVE-0-2022-1592)
Vulnerability from cvelistv5 – Published: 2022-05-05 10:20 – Updated: 2024-08-03 00:10 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/352b39da-0f2e-415a-979… | x_refsource_CONFIRM |
| https://github.com/clinical-genomics/scout/commit… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| clinical-genomics | clinical-genomics/scout | Affected: unspecified, < v4.42 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:10:03.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clinical-genomics/scout",
"vendor": "clinical-genomics",
"versions": [
{
"lessThan": "v4.42",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss..."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-05T10:20:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83"
}
],
"source": {
"advisory": "352b39da-0f2e-415a-9793-5480cae8bd27",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery in scout in clinical-genomics/scout",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1592",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery in scout in clinical-genomics/scout"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "clinical-genomics/scout",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "v4.42"
}
]
}
}
]
},
"vendor_name": "clinical-genomics"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss..."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27"
},
{
"name": "https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83",
"refsource": "MISC",
"url": "https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83"
}
]
},
"source": {
"advisory": "352b39da-0f2e-415a-9793-5480cae8bd27",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1592",
"datePublished": "2022-05-05T10:20:09.000Z",
"dateReserved": "2022-05-05T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:10:03.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1711 (GCVE-0-2022-1711)
Vulnerability from cvelistv5 – Published: 2022-05-17 12:40 – Updated: 2024-08-03 00:10 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://github.com/jgraph/drawio/commit/cf5c78aa0… | x_refsource_MISC |
| https://huntr.dev/bounties/c32afff5-6ad5-4d4d-bee… | x_refsource_CONFIRM |
| Vendor | Product | Version |
|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified, < 18.0.5 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:10:03.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/c32afff5-6ad5-4d4d-beea-f55ab4925797"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-17T12:40:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/c32afff5-6ad5-4d4d-beea-f55ab4925797"
}
],
"source": {
"advisory": "c32afff5-6ad5-4d4d-beea-f55ab4925797",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery (SSRF) in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1711",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery (SSRF) in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.5"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
},
{
"name": "https://huntr.dev/bounties/c32afff5-6ad5-4d4d-beea-f55ab4925797",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/c32afff5-6ad5-4d4d-beea-f55ab4925797"
}
]
},
"source": {
"advisory": "c32afff5-6ad5-4d4d-beea-f55ab4925797",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1711",
"datePublished": "2022-05-17T12:40:09.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:10:03.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1713 (GCVE-0-2022-1713)
Vulnerability from cvelistv5 – Published: 2022-05-16 14:31 – Updated: 2024-08-03 00:10 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd… | x_refsource_CONFIRM |
| https://github.com/jgraph/drawio/commit/283d41ec8… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified, < 18.0.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:10:03.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T14:31:52.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee"
}
],
"source": {
"advisory": "cad3902f-3afb-4ed2-abd0-9f96a248de11",
"discovery": "EXTERNAL"
},
"title": "SSRF on /proxy in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1713",
"STATE": "PUBLIC",
"TITLE": "SSRF on /proxy in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.4"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11"
},
{
"name": "https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee"
}
]
},
"source": {
"advisory": "cad3902f-3afb-4ed2-abd0-9f96a248de11",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1713",
"datePublished": "2022-05-16T14:31:52.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:10:03.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1722 (GCVE-0-2022-1722)
Vulnerability from cvelistv5 – Published: 2022-05-16 14:31 – Updated: 2024-08-03 00:10 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/c903d563-ba97-44e9-b42… | x_refsource_CONFIRM |
| https://github.com/jgraph/drawio/commit/cf5c78aa0… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified, < 18.0.5 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:10:03.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SSRF in editor\u0027s proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-16T14:31:21.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
}
],
"source": {
"advisory": "c903d563-ba97-44e9-b421-22bfab1e0cbd",
"discovery": "EXTERNAL"
},
"title": "SSRF in editor\u0027s proxy via IPv6 link-local address in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1722",
"STATE": "PUBLIC",
"TITLE": "SSRF in editor\u0027s proxy via IPv6 link-local address in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.5"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSRF in editor\u0027s proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/c903d563-ba97-44e9-b421-22bfab1e0cbd"
},
{
"name": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae"
}
]
},
"source": {
"advisory": "c903d563-ba97-44e9-b421-22bfab1e0cbd",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1722",
"datePublished": "2022-05-16T14:31:21.000Z",
"dateReserved": "2022-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:10:03.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1723 (GCVE-0-2022-1723)
Vulnerability from cvelistv5 – Published: 2022-05-17 08:35 – Updated: 2024-08-03 00:16 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/619851a4-2a08-4196-80e… | x_refsource_CONFIRM |
| https://github.com/jgraph/drawio/commit/7a68ebe22… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified, < 18.0.6 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:58.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/619851a4-2a08-4196-80e9-ab41953491d8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/7a68ebe22a64fe722704e9c4527791209fee2034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-17T08:35:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/619851a4-2a08-4196-80e9-ab41953491d8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/7a68ebe22a64fe722704e9c4527791209fee2034"
}
],
"source": {
"advisory": "619851a4-2a08-4196-80e9-ab41953491d8",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery (SSRF) in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1723",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery (SSRF) in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.6"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/619851a4-2a08-4196-80e9-ab41953491d8",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/619851a4-2a08-4196-80e9-ab41953491d8"
},
{
"name": "https://github.com/jgraph/drawio/commit/7a68ebe22a64fe722704e9c4527791209fee2034",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/7a68ebe22a64fe722704e9c4527791209fee2034"
}
]
},
"source": {
"advisory": "619851a4-2a08-4196-80e9-ab41953491d8",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1723",
"datePublished": "2022-05-17T08:35:10.000Z",
"dateReserved": "2022-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:16:58.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1751 (GCVE-0-2022-1751)
Vulnerability from cvelistv5 – Published: 2024-08-17 07:34 – Updated: 2026-04-08 16:37 – CWE-918 - Server-Side Request Forgery (SSRF)
| Vendor | Product | Version |
|---|---|---|
| thiagosf | Skitter Slideshow | Affected: 0, ≤ 2.5.2 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:thiagosf:skitter_slideshow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "skitter_slideshow",
"vendor": "thiagosf",
"versions": [
{
"lessThanOrEqual": "2.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T13:48:39.806235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T13:50:55.581Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Skitter Slideshow",
"vendor": "thiagosf",
"versions": [
{
"lessThanOrEqual": "2.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bartu Utku SARP"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:37:23.717Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/175eba7e-454b-4ba3-bbb5-22bd56734f5c?source=cve"
},
{
"url": "https://securityforeveryone.com/blog/wordpress-skitter-slideshow-ssrf-0-day-vulnerability-cve-2022-1751"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-skitter-slideshow/trunk/image.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-06-07T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Skitter Slideshow \u003c= 2.5.2 - Unauthenticated Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-1751",
"datePublished": "2024-08-17T07:34:18.138Z",
"dateReserved": "2022-05-16T22:40:25.070Z",
"dateUpdated": "2026-04-08T16:37:23.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-1767 (GCVE-0-2022-1767)
Vulnerability from cvelistv5 – Published: 2022-05-18 15:45 – Updated: 2024-08-03 00:16 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/b1ce040c-9ed1-4d36-9b4… | x_refsource_CONFIRM |
| https://github.com/jgraph/drawio/commit/c63f3a044… | x_refsource_MISC |
| Vendor | Product | Version |
|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified, < 18.0.7 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/b1ce040c-9ed1-4d36-9b48-82df42310868"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-18T15:45:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/b1ce040c-9ed1-4d36-9b48-82df42310868"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
}
],
"source": {
"advisory": "b1ce040c-9ed1-4d36-9b48-82df42310868",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery (SSRF) in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1767",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery (SSRF) in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.7"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/b1ce040c-9ed1-4d36-9b48-82df42310868",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/b1ce040c-9ed1-4d36-9b48-82df42310868"
},
{
"name": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
}
]
},
"source": {
"advisory": "b1ce040c-9ed1-4d36-9b48-82df42310868",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1767",
"datePublished": "2022-05-18T15:45:11.000Z",
"dateReserved": "2022-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:16:59.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1784 (GCVE-0-2022-1784)
Vulnerability from cvelistv5 – Published: 2022-05-20 12:15 – Updated: 2024-08-03 00:16 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://github.com/jgraph/drawio/commit/c63f3a044… | x_refsource_MISC |
| https://huntr.dev/bounties/d1330ce8-cccb-4bae-b9a… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| jgraph | jgraph/drawio | Affected: unspecified , < 18.0.8 (custom) | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/d1330ce8-cccb-4bae-b9a9-a03b97f444a5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jgraph/drawio",
"vendor": "jgraph",
"versions": [
{
"lessThan": "18.0.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T12:15:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/d1330ce8-cccb-4bae-b9a9-a03b97f444a5"
}
],
"source": {
"advisory": "d1330ce8-cccb-4bae-b9a9-a03b97f444a5",
"discovery": "EXTERNAL"
},
"title": "Server-Side Request Forgery (SSRF) in jgraph/drawio",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1784",
"STATE": "PUBLIC",
"TITLE": "Server-Side Request Forgery (SSRF) in jgraph/drawio"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jgraph/drawio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.0.8"
}
]
}
}
]
},
"vendor_name": "jgraph"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf",
"refsource": "MISC",
"url": "https://github.com/jgraph/drawio/commit/c63f3a04450f30798df47f9badbc74eb8a69fbdf"
},
{
"name": "https://huntr.dev/bounties/d1330ce8-cccb-4bae-b9a9-a03b97f444a5",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/d1330ce8-cccb-4bae-b9a9-a03b97f444a5"
}
]
},
"source": {
"advisory": "d1330ce8-cccb-4bae-b9a9-a03b97f444a5",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1784",
"datePublished": "2022-05-20T12:15:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:16:59.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1977 (GCVE-0-2022-1977)
Vulnerability from cvelistv5 – Published: 2022-06-27 08:59 – Updated: 2024-08-03 00:24 – CWE-918 - Server-Side Request Forgery (SSRF)
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/1b640519-75e1-48… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Import Export All WordPress Images, Users & Post Types | Affected: 6.5.3 , < 6.5.3 (custom) | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/1b640519-75e1-48cb-944e-b9bff9de6d3d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Import Export All WordPress Images, Users \u0026 Post Types",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.5.3",
"status": "affected",
"version": "6.5.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Luan Pedersini"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Import Export All WordPress Images, Users \u0026 Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-27T08:59:05.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/1b640519-75e1-48cb-944e-b9bff9de6d3d"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP Ultimate CSV Importer \u003c 6.5.3 - Admin+ Blind SSRF",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1977",
"STATE": "PUBLIC",
"TITLE": "WP Ultimate CSV Importer \u003c 6.5.3 - Admin+ Blind SSRF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Import Export All WordPress Images, Users \u0026 Post Types",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "6.5.3",
"version_value": "6.5.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Luan Pedersini"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Import Export All WordPress Images, Users \u0026 Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/1b640519-75e1-48cb-944e-b9bff9de6d3d",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/1b640519-75e1-48cb-944e-b9bff9de6d3d"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1977",
"datePublished": "2022-06-27T08:59:05.000Z",
"dateReserved": "2022-06-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:44.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.