CVE-2023-24060 – Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functiona …

27 January 2023

Vuln ID: CVE-2023-24060

Published: 2023-01-27 04:15:07Z

Description: Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch.

Source: NVD.NIST.GOV

Date:

27 January 2023

Categorie(s):

NVD

Tag(s):

NVD

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites26 April 2024
Top 5 MSP Cyberattacks in 2023/202426 April 2024
Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim26 April 2024
Most people still rely on memory or pen and paper for password management26 April 2024
LSA Whisperer: Open-source tools for interacting with authentication packages26 April 2024