A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite prior to 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via phar protocol when generating class names dynamically. In some cases an exploitation is possible by an unauthenticated user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invisioncommunity ips community suite |