← back
CVE-2024-48360

CVE-2024-48360

CVSS 7.5 HIGHEPSS 3.9%CWE-918
Vexday Risk Score
36Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 7.5EPSS 3.9%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
31 Oct 2024Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/OpenXP-Research/CVE-2024-48360https://www.qualitor.com.br/official-security-advisory-cve-2024-48360https://www.qualitor.com.br/qualitor-8-20