CVE-2024-50714

Name of the Vulnerable Software and Affected Versions: Smart Agent version 1.1.0

Description: A Server-Side Request Forgery (SSRF) issue allows a remote attacker to obtain sensitive information via a crafted script to the "/FB/getFbVideoSource.php" component. This enables the attacker to access sensitive data.

Recommendations: For version 1.1.0, as a temporary workaround, consider restricting access to the "/FB/getFbVideoSource.php" component until a patch is available. Avoid using this component in scripts until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.