漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Antabot White-Jotter Article Editor editor server-side request forgery
Vulnerability Description
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
White-Jotter 代码问题漏洞
Vulnerability Description
White-Jotter是Antabot个人开发者的一款使用 Vue+Spring Boot 开发的前后端分离项目,附带全套开发教程。 White-Jotter 0.2.2及之前版本存在代码问题漏洞,该漏洞源于组件Article Editor的文件/admin/content/editor的articleCover参数会导致服务器端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A