Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v2

Vendors Products
Kavitareader
  • Kavita

Configuration 1 [-]

cpe:2.3:a:kavitareader:kavita:*:*:*:*:*:*:*:*
References
Link Resource
https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 Patch Third Party Advisory
https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 Exploit Patch Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2022-08-10T15:15:15

Updated: 2022-08-10T15:15:14

Reserved: 2022-08-10T00:00:00

Link: CVE-2022-2756

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-08-10T16:15:08.423

Modified: 2022-11-14T19:47:17.530

Link: CVE-2022-2756

JSON object: View

cve-icon Redhat Information

No data.

CWE