CVE-2024-35538 Information

Description

Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.

Reference

https://typecho.org https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/