VYPR
Unrated severityNVD Advisory· Published Sep 7, 2021· Updated Aug 4, 2024

CVE-2021-39497

CVE-2021-39497

Description

eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.