Server side request forgery in gibbon
Critical severity
GitHub Reviewed
Published
Apr 26, 2022
to the GitHub Advisory Database
•
Updated May 4, 2023
Description
Published by the National Vulnerability Database
Apr 25, 2022
Published to the GitHub Advisory Database
Apr 26, 2022
Reviewed
Apr 27, 2022
Last updated
May 4, 2023
Credits
-
Plsr Analyst
Gibbon v3.4.3 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. This issue has been resolved in version 3.4.4
References