A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote malicious users to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
naviwebs navigate cms 2.9.4 |