Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Recipes - SSRF on Import
Vulnerability Description
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Recipes 代码问题漏洞
Vulnerability Description
Recipes是用于管理食谱、计划膳食、建立购物清单等等的应用程序! Recipes 0.9.1 版本到 1.2.5 版本存在代码问题漏洞,该漏洞源于 Import Recipe 功能容易受到服务器请求伪造攻击。当攻击者输入 localhost URL 时,低权限攻击者可以访问/读取内部文件系统以访问敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A