CVE-2025-10393 | miurla morphic up to 0.4.5 HTTP Status Code 3xx /api/advanced-search fetchHtml server-side request forgery (Issue 670)

Inserito da Angelo Barbosa | Set 13, 2025 | CVE

A vulnerability was found in miurla morphic up to 0.4.5. It has been rated as critical. This impacts the function fetchHtml of the file /api/advanced-search of the component HTTP Status Code 3xx Handler. This manipulation causes server-side request forgery.

This vulnerability is tracked as CVE-2025-10393. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2025-10393 | miurla morphic up to 0.4.5 HTTP Status Code 3xx /api/advanced-search fetchHtml server-side request forgery (Issue 670)

Post correlati

CVE-2024-0516 | Royal Elementor Addons and Templates Plugin up to 1.3.87 on WordPress wpr_update_form_action_meta authorization

CVE-2025-21842 | Linux Kernel up to 6.12.15/6.13.3/6.14-rc2 amdkfd amdgpu_amdkfd_free_gtt_mem type confusion

CVE-2025-10274 | erjinzhi 10OA 1.0 /trial/mvc/item Name cross site scripting

CVE-2025-5154 | PhonePe App 25.03.21.0 on Android SQLite Database databases cleartext storage in a file or on disk