3 matches found
CVE-2023-47619
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of...
CVE-2023-47619 Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of...
CVE-2023-47619
CVE-2023-47619 affects Audiobookshelf up to v2.4.3. The vulnerability allows users with the update permission to read arbitrary files, delete arbitrary files, and make GET requests to arbitrary URLs and read the responses, leading to Information Disclosure. There are no patches listed in the prov...