Vulnerability Details : CVE-2016-9752
In Serendipity before 2.0.5, an attacker can bypass SSRF protection by using a malformed IP address (e.g., http://127.1) or a 30x (aka Redirection) HTTP status code.
Vulnerability category: Server-side request forgery (SSRF)
Exploit prediction scoring system (EPSS) score for CVE-2016-9752
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less