CVE-2023-27160 Information

Description

forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /articles/id. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request.

Reference

https://github.com/forem/forem https://notes.sjtu.edu.cn/s/MUUhEymt7 https://gist.github.com/b33t1e/6172286862a4486b5888f3cbbdc6316d http://forem.com