Описание
composio allows Server-Side Request Forgery (SSRF) in BROWSERTOOL
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.
Пакеты
Наименование
composio-core
pip
Затронутые версииВерсия исправления
<= 0.4.4
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
11 месяцев назад
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.