CVE-2019-13020

CRITICAL Year: 2019
CVSS v3 Score
10.0
Critical
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-918
View all →

Vulnerability Description

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content from a third-party attacker-controlled system. Second, arguably more severe, is the potential for an attacker to circumvent firewall controls, by proxying traffic, unauthenticated, into the internal network from the internet.

Related Vulnerabilities

CVE-2016-10926

CRITICAL
CVSS:10.0(Critical)

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.

CWE-9182016

CVE-2016-10927

CRITICAL
CVSS:10.0(Critical)

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.

CWE-9182016

CVE-2017-11291

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

CWE-9182017

CVE-2017-12905

CRITICAL
CVSS:10.0(Critical)

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

CWE-9182017

CVE-2017-8794

CRITICAL
CVSS:10.0(Critical)

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.ht...

CWE-9182017

CVE-2018-10511

CRITICAL
CVSS:10.0(Critical)

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.

CWE-9182018