Unrated severityNVD Advisory· Published Apr 28, 2025· Updated Apr 28, 2025
CVE-2023-35817
CVE-2023-35817
Description
DevExpress before 23.1.3 allows AsyncDownloader SSRF.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2< 23.1.3+ 1 more
- (no CPE)range: < 23.1.3
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
5- code-white.com/public-vulnerability-list/mitre
- supportcenter.devexpress.com/ticket/details/t1157209/server-side-request-forgery-via-asyncdownloadermitre
- supportcenter.devexpress.com/ticket/details/t1161404/report-and-dashboard-server-improper-default-configuration-can-lead-to-ssrf-attacksmitre
- supportcenter.devexpress.com/ticket/details/t1162045/reporting-bi-dashboard-office-file-api-web-app-configuration-to-help-prevent-ssrf-attacksmitre
- supportcenter.devexpress.com/ticket/details/t394936/devexpress-security-advisory-updated-on-april-27-2023mitre
News mentions
0No linked articles in our index yet.