More information about this CVE will likely be available in a few days
Description
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.
Related CPE's
Could not find any relations
Weaknesses
Could not find any weaknesses
CVSS impact metrics
Could not find any metrics
Information
Source identifier
Vulnerability status
Received
Published
2025-12-29T20:15:40.423
2 hours agoLast modified
2025-12-29T20:15:40.423
2 hours ago