Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Stimulsoft GmbH Stimulsoft Designer 代码问题漏洞
Vulnerability Description
Stimulsoft GmbH Stimulsoft Designer是Stimulsoft公司的一款可在任何计算机和任何平台上运行的坚固产品。用于生成报表和分析数据的引擎、报表设计器和查看器。 Stimulsoft Designer (Web) 2023.1.3版本存在安全漏洞,该漏洞源于TThe Reporting Designer (Web) 提供了从外部位置嵌入源的可能性,攻击者利用该漏洞可以在托管 Stimulsoft Reporting Designer (Web) 的服务器的内部网络上泄露机
CVSS Information
N/A
Vulnerability Type
N/A