CVE-2024-13195

Medium CVSS: 5.3

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as critical. This affects the function getHtml of the file src/main/java/org/zdd/bookstore/rawl/HttpUtil.java. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Donglight

Product

Bookstore

CWE

CWE-918

Yayın Tarihi

2025-01-09 00:15:25

Güncelleme

2025-08-22 21:41:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-918 Bookstore MEDIUM Donglight 2025

Referanslar

https://github.com/donglight/bookstore/issues/11 https://github.com/donglight/bookstore/issues/11#issue-2760929273 https://vuldb.com/?ctiid.290787 https://vuldb.com/?id.290787 https://vuldb.com/?submit.469689 https://github.com/donglight/bookstore/issues/11 https://github.com/donglight/bookstore/issues/11#issue-2760929273

Benzer Kayıtlar

Medium

CVE-2024-13210

A vulnerability was found in donglight bookstore电商书城系统说明 1.0. It has been declared as critical. Affected by this vulnera…

Medium

CVE-2024-13196

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been declared as problematic. This vulnerability…

Medium

CVE-2024-13197

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been rated as problematic. This issue affects the…