logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-24060

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-24060

Description:
Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch.
Last updated date:
02/07/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/07/2023
Reference url to background

https://github.com/havenweb/haven/issues/51

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy