Lucene search
K

5 matches found

OSV
OSV
added 2024/03/06 11:3 a.m.32 views

BIT-REDASH-2020-12725

Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...

7.2CVSS6.9AI score0.01318EPSS
Exploits1References3
NVD
NVD
added 2020/06/11 7:15 p.m.33 views

CVE-2020-12725

Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...

7.2CVSS0.01318EPSS
Exploits1References3
Prion
Prion
added 2020/06/11 7:15 p.m.19 views

Server side request forgery (ssrf)

Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...

6.5CVSS6.8AI score0.01318EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/06/11 6:50 p.m.47 views

CVE-2020-12725

Redash open-source versions 8.0.0 and prior are affected by an authenticated SSRF via the JSON data source. The issue allows crafting arbitrary HTTP requests (custom headers, any verb) from within the data source, with potential impact to downstream services. Affected connectors beyond JSON are p...

7.2CVSS6.9AI score0.01318EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/06/11 6:50 p.m.32 views

CVE-2020-12725

Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...

6.9AI score0.01318EPSS
Exploits1References3
Rows per page
Query Builder