Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of time of publication, no patches are available.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-12-13T21:02:34.389Z

Updated: 2023-12-13T21:06:36.271Z

Reserved: 2023-11-07T16:57:49.243Z


Link: CVE-2023-47619

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-12-13T21:15:07.417

Modified: 2023-12-19T14:45:12.943


Link: CVE-2023-47619

JSON object: View

cve-icon Redhat Information

No data.