Rdiffweb is a web application by the American personal developer Patrik Dufresne. A denial of service vulnerability exists in versions prior to Rdiffweb 2.4.8, which originates in the “title” of the rdiffweb-demo.ikus-soft.com/prefs/sshkeys endpoint when adding SSH keys. " parameter is not checked for length, and an attacker could exploit the vulnerability to cause a denial of service.
CPE | Name | Operator | Version |
---|---|---|---|
patrik dufresne rdiffweb | lt | 2.4.8 |