2 matches found
CVE-2023-50266
Bazarr (versions up to 1.2.4) contains an SSRF in the proxy endpoint implemented in bazarr/bazarr/app/ui.py, where user-controlled protocol and URL values are passed directly to requests.get() without sanitization. This allows crafting GET requests to internal or external resources on behalf of t...
CVE-2023-50266 Bazarr Blind Server-Side Request Forgery (SSRF) in the /test/<protocol>/ endpoint
Bazarr manages and downloads subtitles. In version 1.2.4, the proxy method in bazarr/bazarr/app/ui.py does not validate the user-controlled protocol and url variables and passes them to requests.get without any sanitization, which leads to a blind server-side request forgery SSRF. This issue allo...