COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-40842

CVE-2022-40842

Severity
critical
Source
NVD · cve
Published
2022-11-22
CVSS
9.1
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-40842
shame 35/100

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php.

Players implicated

ndk-design · vendorndkadvancedcustomizationfields · product

Description

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.