CVE-2024-0440
Severity CVSS v4.0:
Pending analysis
Type:
CWE-918
Server-Side Request Forgery (SSRF)
Publication date:
26/02/2024
Last modified:
26/02/2024
Description
Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files.
Impact
Base Score 3.x
9.60
Severity 3.x
CRITICAL