CVE-2023-35817

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions DevExpress versions prior to 23.1.3

Description The issue allows for Server-Side Request Forgery (SSRF) via AsyncDownloader.

Recommendations For versions prior to 23.1.3, update to version 23.1.3 or later to resolve the issue.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2023-35817

Devexpress