K2 : Security Vulnerabilities, CVEs,
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.
Max CVSS
6.5
EPSS Score
0.07%
Published
2018-05-24
Updated
2019-02-27
1 vulnerabilities found