Vulnerability Details CVE-2019-8982
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.811
EPSS Ranking 99.1%
CVSS Severity
CVSS v3 Score 9.6
CVSS v2 Score 6.8
Products affected by CVE-2019-8982
-
cpe:2.3:a:wavemaker:wavemarker_studio:6.6