Lucene search

K

CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin

🗓️ 29 Nov 2024 18:13:53Reported by GitHub_MType 
vulnrichment
 vulnrichment
🔗 github.com

Server-side request forgery in Backstage Scaffolder plugin. Vulnerability in template functionality allows Server-Side Template Injection (SSTI) for Git config injection, resulting in unauthorized access to sensitive git resources. Resolved in versions v0.4.12, v0.5.1, v0.6.1 of @backstage/plugin-scaffolder-node package

Show more
Related
Refs