MashZone NextGen up to and including 10.7 GA has an SSRF vulnerability that allows an malicious user to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
softwareag mashzone nextgen |