Skip to main content

Wavemarker Studio

1 CVEs product

Monthly

CVE-2019-8982 CRITICAL POC THREAT Act Now

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java SSRF Wavemarker Studio
NVD Exploit-DB
CVSS 3.0
9.6
EPSS
25.6%
EPSS 26% CVSS 9.6
CRITICAL POC THREAT Act Now

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java SSRF Wavemarker Studio
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy