Medium severity6.5NVD Advisory· Published May 24, 2018· Updated Jun 17, 2026
CVE-2018-9920
CVE-2018-9920
Description
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.
Patches
Vulnerability mechanics
References
1- www.securityfocus.com/archive/1/542035/100/0/threadednvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.