ZDI-24-890: Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-5015.


Leave a Reply

Your email address will not be published. Required fields are marked *