VYPR
Medium severity6.5NVD Advisory· Published May 24, 2018· Updated Jun 17, 2026

CVE-2018-9920

CVE-2018-9920

Description

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.