Blind Server-Side Request Forgery (SSRF) in eLabFTW

eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

服务端请求伪造(SSRF)

Elabftw 代码问题漏洞

Elabftw是一套开源的实验数据托管平台。该平台运行于Linux系统中，并支持存储多种对象。 ELabFTW 存在代码问题漏洞，攻击者可利用该漏洞代表服务器发出GET请求。

N/A

N/A