Lucene search
Tightrope Media Carousel Security Vulnerabilities
cve
The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content f...
10CVSS
9.2AI Score
0.002EPSS
2019-08-26 06:15 PM
83