216.73.216.133

CVE-2025-13872

· Published 02/12/2025 10:16 · Modified 04/12/2025 17:52

Labels: CVE-2025-13872 2025-12-0264c5ae8f-7972-4697-86a0-7ada793ac795CVE-2025-13872CWE-918

Essential information

Published
02/12/2025 10:16
Modified
04/12/2025 17:52
Author
Creator
CVSS
2.1 LOW (v3) 2.1 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Blind Server-Side Request Forgery (SSRF) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on Web-based platforms allows an attacker to force the server to perform HTTP GET requests via crafted import requests to an arbitrary destination.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
64c5ae8f-7972-4697-86a0-7ada793ac795
NVD
View on NVD

Affected products (CPE)

ProductCPE
objectplanet / opinio cpe:2.3:a:objectplanet:opinio:7.26:*:*:*:*:*:*:*

References