Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via phar protocol when generating class names dynamically. In some cases an exploitation is possible by an unauthenticated user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Community 代码问题漏洞
Vulnerability Description
Invision Community是美国Invision公司的一个用于设计、开发移动应用UI的软件。 Invision Community 4.6.2 之前版本存在安全漏洞,该漏洞源于允许远程经过身份验证的用户在动态生成类名时通过 phar 协议请求任意 URL 或触发反序列化。
CVSS Information
N/A
Vulnerability Type
N/A