Unrated severityNVD Advisory· Published Apr 28, 2022· Updated Aug 3, 2024

CVE-2022-28117

Description

A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Navigate CMS/Navigate CMSdescription
Navigatecms/Navigatecmsllm-fuzzy
Range: <=2.9.4

Patches

Vulnerability mechanics

References

packetstormsecurity.com/files/167063/Navigate-CMS-2.9.4-Server-Side-Request-Forgery.htmlmitrex_refsource_MISC
www.navigatecms.com/en/blog/development/navigate_cms_update_2_9_5mitrex_refsource_MISC
www.youtube.com/watchmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.018
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000