CVE-2025-36845

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://smartoffice.expert/en", "name": "https://smartoffice.expert/en", "tags": [], "refsource": ""}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-035.txt", "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-035.txt", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in Eveo URVE Web Manager 27.02.2025. The endpoint /_internal/redirect.php allows for Server-Side Request Forgery (SSRF). The endpoint takes a URL as input, sends a request to this address, and reflects the content in the response. This can be used to request endpoints only reachable by the application server."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-36845", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2025-07-21T18:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-22T13:05Z"}