ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote malicious users to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables malicious users to probe internal network information.