A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter.
References
Link | Resource |
---|---|
https://github.com/getrebuild/rebuild/issues/460 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-05-15 10:15
Updated : 2022-05-24 10:43
NVD link : CVE-2022-30049
Mitre link : CVE-2022-30049
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
getrebuild
- rebuild