There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3, where the server can be forced to make arbitrary requests to internal and external resources by an authenticated user.
References
Configurations
No configuration.
History
21 Nov 2024, 08:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://antidot.net/blog/ - | |
References | () https://doc.fluidtopics.com/r/Fluid-Topics-Release-Notes/June-10th-2024 - |
07 Nov 2024, 11:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
17 Jul 2024, 13:34
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Jul 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-16 18:15
Updated : 2024-11-21 08:01
NVD link : CVE-2023-31456
Mitre link : CVE-2023-31456
CVE.ORG link : CVE-2023-31456
JSON object : View
Products Affected
No product.
CWE
CWE-918
Server-Side Request Forgery (SSRF)