3 matches found
CVE-2023-46725
creationtimestamp| type| source ---|---|--- 2023-11-02 17:23:00+00:00| seen| https://t.me/cibsecurity/73453...
CVE-2023-46725
CVE-2023-46725 affects FoodCoopShop open‑source software. Versions 3.2.0 up to 3.6.0 are vulnerable to server‑side request forgery via the Network module: an attacker with a manufacturer account can abuse the /api/updateProducts.json endpoint to cause the server to proxy requests to an arbitrary ...
CVE-2023-46725 FoodCoopShop Server-Side Request Forgery vulnerability
FoodCoopShop is open source software for food coops and local shops. Versions starting with 3.2.0 prior to 3.6.1 are vulnerable to server-side request forgery. In the Network module, a manufacturer account can use the /api/updateProducts.json endpoint to make the server send a request to an...