2 matches found
CVE-2022-0768
Server-Side Request Forgery SSRF in GitHub repository rudloff/alltube prior to 3.0.2...
CVE-2022-24739
alltube is an html front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack depending on how AllTube is configured. The impact is mitigated by the fact the SSRF attack is onl...