CVE-2019-12161 – WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider …

Vuln ID: CVE-2019-12161

Published:  2019-05-17  19:29:00Z

Description: WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).

Source: NVD.NIST.GOV

 

Tags