CVE-2023-51665

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-918
View all →

Vulnerability Description

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in Auth.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.

Related Vulnerabilities

CVE-2007-6758

HIGH
CVSS:7.5(High)

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

CWE-9182007

CVE-2017-0929

HIGH
CVSS:7.5(High)

DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resou...

CWE-9182017

CVE-2017-1000419

HIGH
CVSS:7.5(High)

phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal ser...

CWE-9182017

CVE-2017-18638

HIGH
CVSS:7.5(High)

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server re...

CWE-9182017

CVE-2017-3164

HIGH
CVSS:7.5(High)

Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the ser...

CWE-9182017

CVE-2018-12809

HIGH
CVSS:7.5(High)

Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

CWE-9182018