Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature. This could be leveraged to provide a proxy to attack other servers (internal or external) or to perform network scans of external or internal networks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dundas BI server 安全漏洞
Vulnerability Description
Dundas BI server是一款基于Web的服务器应用程序。 Dundas BI server 5.0.1.1010之前版本中存在服务器端请求伪造漏洞。攻击者可借助‘将dashboard导出为图像格式’功能的‘viewUrl’参数利用该漏洞伪造任意请求,攻击其他服务器或对内部和外部网络进行网络扫描。
CVSS Information
N/A
Vulnerability Type
N/A