Critical severity9.1NVD Advisory· Published Jun 9, 2022· Updated Jun 17, 2026
CVE-2022-31386
CVE-2022-31386
Description
A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter.
Affected products
2- nbnbk/cmsdescription
Patches
Vulnerability mechanics
References
1- github.com/Fanli2012/nbnbk/issues/5nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.