2 matches found
CVE-2020-23079
SSRF vulnerability in Halo =1.3.2 exists in the SMTP configuration, which can detect the server intranet...
CVE-2020-23079
Halo up to version 1.3.2 contains an SSRF in the SMTP configuration that can be leveraged to detect the server intranet. The affected component is Halo’s SMTP handling; root cause is misconfigured SMTP settings enabling SSRF-like requests. Publicly stated impact is exposure to internal network de...