Description
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by V. Paulikas · textremotemultiple
https://www.exploit-db.com/exploits/39259
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2014/Jul/72
Scores
EPSS
0.0546
EPSS Percentile
90.3%
Details
Status
published
Products (1)
alfresco/community_edition
< 5.0.a
Published
Dec 07, 2014
Tracked Since
Feb 18, 2026