2 matches found
CVE-2026-8209
Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...
Server-side Request Forgery (SSRF)
Overview gibbon is a wrapper for MailChimp API 3.0 and Export API Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to the concatenation of domains, it's possible to spoof the information and change the root domain via a crafted URL. Remediation Upgrade gibb...