CVE-2024-1021 | Rebuild up to 3.5.5 HTTP Request readRawText url server-side request forgery

Posted by Angelo Barbosa | Jan 29, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is handled as CVE-2024-1021. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-1021 | Rebuild up to 3.5.5 HTTP Request readRawText url server-side request forgery

Related Posts

CVE-2024-50415 | Pagup Ads.txt & App-ads.txt Manager Plugin up to 1.1.7.1 on WordPress cross site scripting

CVE-2024-1046 | collizo4sky Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content Plugin Shortcode cross site scripting (ID 3030229)

CVE-2023-6489 | GitLab Community Edition/Enterprise Edition up to 16.8.5/16.9.3/16.10.1 Chat Integration resource consumption (Issue 433520)

CVE-2024-2912 | BentoML Framework up to 1.2.4 POST Request insecure default initialization of resource