CVE-2017-1000237

I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:i-librarian:i_librarian:*:*:*:*:*:*:*:*
cpe:2.3:a:i-librarian:i_librarian:4.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-17 04:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-1000237

Mitre link : CVE-2017-1000237

CVE.ORG link : CVE-2017-1000237


JSON object : View

Products Affected

i-librarian

  • i_librarian
CWE
CWE-918

Server-Side Request Forgery (SSRF)