MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSalesforce Mule
APPSalesforce3.8.0 – 4.2.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2021-1626CRITICAL9.8ten sam produkt
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime compon...
CVE-2021-1628CRITICAL9.8ten sam produkt
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime co...
CVE-2021-1630HIGH7.5ten sam produkt
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect...
CVE-2026-22582CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (MicrositeUrl)
CVE-2026-22583CRITICAL9.8PL ✓ten sam vendor
Argument Injection w Salesforce Marketing Cloud Engagement (CloudPagesUrl)