| Description: | | Weaver E-cology is a high-end collaborative office system designed for large enterprises and groups. It provides comprehensive functions such as process management, knowledge management, and project management. It supports multiple organizations, departments, and users, helping enterprises achieve efficient collaboration and digital transformation. There is a Server-Side Request Forgery (SSRF) vulnerability in the getFileViewUrl of Weaver E-cology. Attackers can exploit this vulnerability to induce the server to initiate malicious download requests, thereby bypassing access restrictions, stealing sensitive data, attacking internal network services, or triggering other vulnerabilities to further expand the scope of the attack. |