cvedb.io
CVE-2017-12905
CRITICAL · CVSS 10
EPSS exploitation probability: 0%
Published 2017-09-25T17:29:00.727 · Last modified 2026-06-17T01:04:07.440

Summary

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

Affected products

vebto — pixie_-_image_editor

Does this affect you?

Add your gear to cvedb and we'll alert you only when vebto ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.