Vulnerability Details CVE-2018-13790
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.0%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
Products affected by CVE-2018-13790
-
cpe:2.3:a:concretecms:concrete_cms:8.2.0