漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Audiobookshelf vulnerable to Blind SSRF in `podcastUtils.js`
Vulnerability Description
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in `podcastUtils.js`. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Audiobookshelf 代码问题漏洞
Vulnerability Description
Audiobookshelf是audiobookshelf开源的一个自托管的有声读物和播客服务器。 Audiobookshelf 2.7.0之前版本存在代码问题漏洞,该漏洞源于podcastUtils.js存在服务器请求伪造(SSRF)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A