CVE-2024-48107 Information

Description

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides attack applications running on the Intranet or local network or read metadata on the cloud server.

Reference

https://gitee.com/sparkshop/sparkshop https://gist.github.com/RMAX2000/ebb654016e5b8a5b55aa6d8a7f2f321a#file-cve-2024-48107