Intera InHire server-side request forgery

A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument 29chcotoo9 leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

服务端请求伪造(SSRF)

Intera InHire 代码问题漏洞

Intera InHire是Intera公司的一个手机应用。 Intera InHire 20250530及之前版本存在代码问题漏洞，该漏洞源于对参数29chcotoo9的错误操作导致服务端请求伪造。

N/A

N/A