CVE-2023-45152 Blind Server Side Request Forgery (SSRF) in remote schedule import feature in Engelsystem
Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it possible to perform a port scan against the local environment. This vulnerability has been fixed in commit ee7d30b33. If a patch cannot be deployed, operators should ensure that n...
PT-2023-12475 · WordPress · Jobsearch Wp Job Board
Name of the Vulnerable Software and Affected Versions: JobSearch WP Job Board plugin for WordPress versions up to, and including, 1.8.1
Description: The issue is related to a missing capability check on the jobsearch add job import schedule call function, allowing authenticated attackers to bypas...