Navigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)
A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.