CVE-2023-25230

A Server-Side Request Forgery SSRF in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hookurl parameter...

CVE-2023-25230

A Server-Side Request Forgery SSRF in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hookurl parameter...

CVE-2023-25230

A Server-Side Request Forgery SSRF in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hookurl parameter...

CVE-2023-25230

A Server-Side Request Forgery SSRF in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hookurl parameter...

loonflow 代码问题漏洞

loonflow is a django based workflow engine by blackholll individual developer. A code issue vulnerability exists in loonflow version r2.0.14. An attacker could exploit this vulnerability to conduct server-side request forgery SSRF attacks...

CVE-2023-25230

The CVE-2023-25230 SSRF is reported in loonflow r2.0.14. The vulnerability arises from a flaw in the hook_url parameter, allowing an attacker to force the application to make arbitrary external requests. Public sources (e.g., PT-2023-19995, Red Hat, NVD) confirm the issue and describe potential i...

PT-2023-19995 · Loonflow · Loonflow

Name of the Vulnerable Software and Affected Versions: loonflow version r2.0.14 Description: A Server-Side Request Forgery SSRF issue allows attackers to force the application to make arbitrary requests via manipulation of the hook url parameter. This enables attackers to potentially access...

CVE-2023-25230

A Server-Side Request Forgery SSRF in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hookurl parameter...