VYPR
Critical severity9.1NVD Advisory· Published Jun 9, 2022· Updated Jun 17, 2026

CVE-2022-31386

CVE-2022-31386

Description

A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.