Vulnerability Information
Vulnerability Title
Server-Side Request Forgery via Avatar upload in flarum
Vulnerability Description
Flarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker with only a basic user account on any Flarum forum to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server. By uploading an avatar whose contents are a URL or a filesystem path, and spoofing the client-supplied MIME type so the upload is accepted, an attacker can make the application perform unintended actions. The root cause is the behavior of the `intervention/image` package: when handed the raw upload contents as its image source, it interprets them as a URL (and fetches that URL) or as a local file path (and reads that file), rather than as image bytes. This lets the attacker perform SSRF, disclose local file contents, or mount a blind oracle attack based on whether decoding succeeds. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen`, which prevents the fetching of external files via URLs; note that this is a temporary workaround for the SSRF aspect only and does not address the local file disclosure.
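The upload path described above, as an added example that is not Flarum's or intervention/image's own code: a simplified avatar handler in the vulnerable shape (client-supplied MIME type trusted, raw upload contents passed to `make()`) beside a hardened one that validates the bytes actually on disk and decodes from the server-controlled temporary path. The function names, the `$upload` array shape (one `$_FILES` entry), the Composer autoload path and the use of intervention/image v2's `ImageManager::make()` are assumptions.

```php
<?php
// Added example modelling the avatar-upload flaw; not Flarum's code.
// Assumes intervention/image v2 installed via Composer (ImageManager::make()).
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Intervention\Image\ImageManager;

// VULNERABLE shape: $upload['type'] comes straight from the client's
// multipart request, so the MIME check is trivially spoofed, and the raw
// upload *contents* are handed to make(). make() accepts several source
// kinds (binary image data, a URL, a file path, base64, data URI, ...)
// and classifies a string by inspecting it. A "PNG" whose body is
//   http://169.254.169.254/latest/meta-data/      -> server fetches it (blind SSRF)
//   /etc/passwd                                   -> server reads it as the source
// Decoding then fails or succeeds depending on what came back: an oracle.
function storeAvatarVulnerable(array $upload, ImageManager $manager): string
{
    $allowed = ['image/png', 'image/jpeg', 'image/gif'];
    if (!in_array($upload['type'], $allowed, true)) {   // attacker-controlled header
        throw new RuntimeException('unsupported type');
    }
    $contents = file_get_contents($upload['tmp_name']);  // contents, not the path
    $image = $manager->make($contents);                 // string may be a URL or a path
    return (string) $image->fit(100, 100)->encode('png');
}

// HARDENED shape: never let attacker bytes reach make() as a string that
// could be classified as a URL or path.
//  1. is_uploaded_file(): only accept a file PHP itself received.
//  2. getimagesize(): sniff the real magic bytes; ignore the client MIME.
//  3. make($tmp): decode from the PHP-chosen temp path, which the client
//     does not control, so the only thing interpreted is the file on disk.
function storeAvatarHardened(array $upload, ImageManager $manager): string
{
    $tmp = $upload['tmp_name'];
    if (!is_string($tmp) || !is_uploaded_file($tmp)) {
        throw new RuntimeException('not an uploaded file');
    }
    $info = @getimagesize($tmp);                         // false for "http://..." or "/etc/passwd" bodies
    $allowedTypes = [IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF];
    if ($info === false || !in_array($info[2], $allowedTypes, true)) {
        throw new RuntimeException('not a supported image');
    }
    $image = $manager->make($tmp);                      // server-controlled path
    return (string) $image->fit(100, 100)->encode('png');
}

// Usage (inside a request handler):
//   $png = storeAvatarHardened($_FILES['avatar'], new ImageManager(['driver' => 'gd']));
```

The hardened version checks the bytes with `getimagesize()` before anything is decoded, so a body consisting of a URL or a path is rejected up front, and it passes the temporary path rather than the contents, so no attacker-supplied string is ever classified as a source kind. Setting `allow_url_fopen = Off` in `php.ini`, as the advisory suggests for the interim, stops the outbound fetch in the vulnerable version but still leaves a path-shaped body readable from the local filesystem.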
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
Server-Side Request Forgery (SSRF)
Vulnerability Title
Flarum code issue vulnerability
Vulnerability Description
Flarum is an open source forum system from the Flarum community. Flarum versions before 1.8.0 contain a code issue vulnerability: it allows an attacker, even with only a basic user account on a Flarum forum, to carry out an SSRF attack and disclose any file on the server. By uploading a file whose contents are a URL and spoofing the MIME type, the attacker can manipulate the application into performing unintended actions.
CVSS Information
N/A
Vulnerability Type
N/A