CVE-2023-40969

Name of the Vulnerable Software and Affected Versions Senayan Library Management Systems SLIMS 9 Bulian version 9.6.1

Description The issue is related to Server Side Request Forgery (SSRF) and can be exploited via the "admin/modules/bibliography/pop p2p.php" endpoint. This allows for potentially unauthorized access to internal resources.

Recommendations For version 9.6.1, consider restricting access to the "admin/modules/bibliography/pop p2p.php" endpoint until a patch is available. As a temporary workaround, disabling the functionality related to this endpoint may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.