Main Vulnerability Database Exploits ID:12720 - Exploit for Server-Side Request Forgery (SSRF) in Computer Vision Annotation Tool (CVAT) - CVE-2022-31188

ID:12720 - Exploit for Server-Side Request Forgery (SSRF) in Computer Vision Annotation Tool (CVAT) - CVE-2022-31188

Published: May 21, 2026

Vulnerability identifier: #VU132047

Vulnerability risk: Low

CVE-ID: CVE-2022-31188

CWE-ID: CWE-918

Exploitation vector: Remote access

Vulnerable software:
Computer Vision Annotation Tool (CVAT)

Link to public exploit:

https://www.exploit-db.com/exploits/51030/

Vulnerability description

The vulnerability allows a remote user to perform server-side request forgery.

The vulnerability exists due to improper input validation in URL validation for remote data sources when processing user-supplied remote data source URLs. A remote user can supply a crafted URL to perform server-side request forgery.

Remediation

Install security update from vendor's website.

ID:12720 - Exploit for Server-Side Request Forgery (SSRF) in Computer Vision Annotation Tool (CVAT) - CVE-2022-31188

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human