Lucene search

K
cvelistMitreCVELIST:CVE-2023-44469
HistorySep 29, 2023 - 12:00 a.m.

CVE-2023-44469

2023-09-2900:00:00
mitre
www.cve.org
2
server-side request forgery
openid connect issuer
lemonldap::ng
get requests
cve-2023-44469
cve-2020-10770

5.2 Medium

AI Score

Confidence

High

0.148 Low

EPSS

Percentile

95.8%

A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770.