WeBid Server-Side Request Forgery (SSRF) Vulnerability - CVE-2022-41477 - Vulnerability Database

WeBid Server-Side Request Forgery (SSRF) Vulnerability - CVE-2022-41477

Critical

Reference: CVE-2022-41477

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-41477

Title: WeBid Server-Side Request Forgery (SSRF) Vulnerability

Overview:

A security issue was discovered in WeBid lt1.2.2. A Server-Side Request Forgery (SSRF) vulnerability in the admin/theme.php file allows remote attackers to inject payloads via theme parameters to read files across directories.