mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 03:37:37 +02:00
0xMarcio
729 B
729 B
CVE-2021-28060
Description
A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.
POC
Reference
- https://fatihhcelik.github.io/posts/Group-Office-CRM-SSRF/
- https://fatihhcelik.github.io/posts/Group-Office-CRM-SSRF/
Github
No PoCs found on GitHub currently.