Critical severity10.0NVD Advisory· Published Sep 25, 2017· Updated Jun 17, 2026
CVE-2017-12905
CVE-2017-12905
Description
Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:vebto:pixie_-_image_editor:1.4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:vebto:pixie_-_image_editor:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:vebto:pixie_-_image_editor:1.7:*:*:*:*:*:*:*
- (no CPE)range: 1.4, 1.7
Patches
Vulnerability mechanics
References
1- seclists.org/fulldisclosure/2017/Sep/47nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.