exploitDog

CVE-2020-24710

Опубликовано: 28 окт. 2020

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Gophish before 0.11.0 allows SSRF attacks.

Ссылки

https://github.com/gophish/gophish/commit/e3352f481e94054ffe08494c9225d3878347b005
Patch
Third Party Advisory
https://github.com/gophish/gophish/releases/tag/v0.11.0
Third Party Advisory
https://herolab.usd.de/security-advisories/usd-2020-0054/
Exploit
Third Party Advisory
https://github.com/gophish/gophish/commit/e3352f481e94054ffe08494c9225d3878347b005
Patch
Third Party Advisory
https://github.com/gophish/gophish/releases/tag/v0.11.0
Third Party Advisory
https://herolab.usd.de/security-advisories/usd-2020-0054/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getgophish:gophish:*:*:*:*:*:*:*:*

Версия до 0.11.0 (исключая)

EPSS

Процентиль: 63%

0.00457

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-918

Связанные уязвимости

GHSA-9c9w-9pq7-f35h

CVSS3: 5.3

github

больше 3 лет назад

Gophish vulnerable to Server-Side Request Forgery

EPSS

Процентиль: 63%

0.00457

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-918