CVE-2014-9302
Alfresco Community Edition < 5.0.a - Server-Side Request Forgery via CMIS Browser Servlet URL Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-9302. PoCs published by V. Paulikas.
AI-analyzed exploit summary The provided text describes an SSRF vulnerability in Alfresco Community Edition, where an attacker can exploit the proxy endpoint to access internal systems. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.
Description
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter.
Exploits (1)
The provided text describes an SSRF vulnerability in Alfresco Community Edition, where an attacker can exploit the proxy endpoint to access internal systems. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.