High severity7.2OSV Advisory· Published Jul 9, 2018· Updated Jun 17, 2026
CVE-2018-13790
CVE-2018-13790
Description
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
Affected products
2Patches
Vulnerability mechanics
References
1- hackerone.com/reports/243865nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.