MidnightBSD

Advisories for wavemaker

CVE-2019-8982 MEDIUM

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,

Products Affected

Vendor Product Version
wavemaker wavemarker_studio 6.6