Vulnerability Details CVE-2023-48379
Softnext Mail SQR Expert is an email management platform, it has inadequate filtering for a specific URL parameter within a specific function. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.1%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-48379
-
cpe:2.3:a:softnext:mail_sqr_expert:230330
-
cpe:2.3:a:softnext:mail_sqr_expert:2dut.190301
-
cpe:2.3:a:softnext:mail_sqr_expert:2dut.220701