2 matches found
CVE-2024-28435
Twenty CRM platform version 0.3.0 is affected by a server-side request forgery (SSRF) via the file upload feature. The root cause is SSRF in the file upload handling, which can allow an attacker to trigger requests to internal resources or make unauthorized requests. PT-Security notes remediation...
CVE-2024-28435
The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload...