Headline

GHSA-8c2c-jxwj-jqgf: Browsershot does not validate URL protocols passed to Browsershot URL method

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.

2 years ago

ghsa

Open in Source

#git

Browsershot does not validate URL protocols passed to Browsershot URL method

High severity GitHub Reviewed Published Nov 25, 2022 • Updated Dec 2, 2022

2 years ago

CVE

Open in Source

#web #google #js #git #java #pdf #chrome

ghsa: Latest News

GHSA-8fh4-942r-jf2g: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php

2 days ago

ghsa

GHSA-7q7g-4xm8-89cq: Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit

2 days ago

ghsa

GHSA-phm4-wf3h-pc3r: Unpatched Remote Code Execution in Gogs

2 days ago

ghsa

GHSA-x645-6pf9-xwxw: LibreNMS has an Authenticated OS Command Injection

3 days ago

ghsa

GHSA-gv4m-f6fx-859x: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

3 days ago

ghsa

Headline

GHSA-8c2c-jxwj-jqgf: Browsershot does not validate URL protocols passed to Browsershot URL method

Related news

ghsa: Latest News