CVE-2022-43140 | kkFileView 4.1.0 url server-side request forgery (Issue 392)
A vulnerability classified as critical was found in kkFileView 4.1.0. Affected by this vulnerability is the function cn.keking.web.controller.OnlinePreviewController#getCorsFile. The manipulation of the argument url leads to server-side request forgery.
This vulnerability is known as CVE-2022-43140. The attack can be launched remotely. There is no exploit available.