Security Advisory

CVE-2022-43140

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-17 00:00:00

Last updated 2025-04-30 14:07:01

Assigner mitre

State PUBLISHED

Description

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url parameter.

← Browse all CVEs View on cve.org ↗