Security Advisory
CVE-2024-24028
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo.