Security scans identified vulnerabilities related to an outdated JavaScript framework library, specifically targeting the YUI version. The initial scan report indicated a need to upgrade a JavaScript framework library. Investigation revealed the core issue was a dependency on a vulnerable version of...
The DownloadServlet endpoint in Yonyou Mobile System Management contains an arbitrary file read vulnerability. An attacker can craft a specially formatted HTTP request to retrieve arbitrary files from the server, including sensitive configuration files and system data. Affected Endpoint /mobsm/common...
Overview of Server-Side Request Forgery Server-Side Request Forgery (SSRF) is a security vulnerability where an attacker can induce a server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. This flaw typically arises when an application fetches a remote resou...