Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response.
CPE | Name | Operator | Version |
---|---|---|---|
business_process_management | lt | 5.8.8.1 |