VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 7, 2014· Updated May 6, 2026

CVE-2014-9301

CVE-2014-9301

Description

Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter.

Affected products

1
  • Alfresco/Alfresco
    cpe:2.3:a:alfresco:alfresco:*:*:*:*:community:*:*:*
    Range: <=4.2.f

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.