6May
CVE-2024-33117 | crmeb_java 1.3.4 com.zbkj.front.pub.ImageMergeController mergeList server-side request forgery
A vulnerability, which was classified as critical, has been found in crmeb_java 1.3.4. Affected by this issue is the functionmergeList
of the component com.zbkj.front.pub.ImageMergeController. The manipulation leads to server-side request forgery.
This vulnerability is handled as CVE-2024-33117. The attack needs to be approached within the local network. There is no exploit available.