{"id":7185,"date":"2025-06-23T13:23:28","date_gmt":"2025-06-23T13:23:28","guid":{"rendered":"http:\/\/localhost\/?p=7185"},"modified":"2025-06-23T13:23:28","modified_gmt":"2025-06-23T13:23:28","slug":"dromara-maxkey-meta-url-saml20detailscontrollerjava-add-server-side-request-forgery","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7185","title":{"rendered":"Dromara MaxKey Meta URL SAML20DetailsController.java add server-side request forgery"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nDromara MaxKey Meta URL SAML20DetailsController.java add server-side request forgery<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-23T18:00:15.580Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nDromara<\/td>\n<\/tr>\n
Product<\/th>\nMaxKey<\/td>\n<\/tr>\n
Version<\/th>\n4.1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA server-side request forgery vulnerability in Dromara MaxKey versions up to 4.1.7 allows remote attackers to manipulate the ‘post’ argument in the SAML20DetailsController, potentially leading to unauthorized requests. This issue is rated critical and has been publicly disclosed without a vendor response.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nDromara<\/td>\n<\/tr>\n
Product<\/th>\nMaxKey<\/td>\n<\/tr>\n
Affected Version<\/th>\n4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n