2 matches found
CVE-2022-23071 Recipes - SSRF on Import
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery SSRF, in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information...
CVE-2022-23071
CVE-2022-23071 affects the Recipes application (versions 0.9.1–1.2.5). The vulnerability is a Server-Side Request Forgery (SSRF) in the “Import Recipe” feature that allows a low-privilege attacker supplying a localhost URL to access/read the internal file system and read sensitive information. Th...