Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Blind Server-Side Request Forgery (SSRF) in eLabFTW
Vulnerability Description
eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET requests on behalf of the server. It is "blind" because the attacker cannot see the result of the request. Issue has been patched in eLabFTW 4.0.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Elabftw 代码问题漏洞
Vulnerability Description
Elabftw是一套开源的实验数据托管平台。该平台运行于Linux系统中,并支持存储多种对象。 ELabFTW 存在代码问题漏洞,攻击者可利用该漏洞代表服务器发出GET请求。
CVSS Information
N/A
Vulnerability Type
N/A