A vulnerability was found in OTCMS 6.72. It has been...
Critical severity
Unreviewed
Published
Mar 25, 2023
to the GitHub Advisory Database
•
Updated Apr 7, 2023
Description
Published by the National Vulnerability Database
Mar 25, 2023
Published to the GitHub Advisory Database
Mar 25, 2023
Last updated
Apr 7, 2023
A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the function UseCurl of the file /admin/info_deal.php of the component URL Parameter Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224016.
References