PT-2023-32793 · Kalcaddle · Kodexplorer
Glzjin · Published 2023-12-16 · Updated 2024-05-17 · CVE-2023-6852
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
kalcaddle KodExplorer versions up to 4.51.03
Description
A critical vulnerability has been found in kalcaddle KodExplorer, affecting an unknown function of the file plugins/webodf/app.php. The issue leads to server-side request forgery (SSRF), and the attack can be launched remotely. The exploit has been disclosed to the public.
Recommendations
For versions up to 4.51.03, upgrade to version 4.52.01 to address this issue. As a temporary workaround, consider restricting access to the plugins/webodf/app.php file until the upgrade is applied.
Exploit
Fix
SSRF
Weakness Enumeration
Related Identifiers
Affected Products
Kodexplorer