A vulnerability was found in JIZHICMS 2.4.5. It has been classified as critical. Affected is the function index of the file TemplateController.php. The manipulation of the argument webapi leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230082 is the identifier assigned to this vulnerability.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/2xxx/CVE-2023-2927.json",
"cwe_ids": [
"CWE-918"
],
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "2.4.5"
},
{
"last_affected": "2.4.5"
}
],
"source": "AFFECTED_FIELD"
}
],
"cna_assigner": "VulDB"
}