CVE-2024-32964 | lobehub lobe-chat up to 0.150.5 /api/proxy server-side request forgery

Posted by Angelo Barbosa | May 10, 2024 | CVE

A vulnerability was found in lobehub lobe-chat up to 0.150.5. It has been declared as critical. This vulnerability affects unknown code of the file /api/proxy. The manipulation leads to server-side request forgery.

This vulnerability was named CVE-2024-32964. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-32964 | lobehub lobe-chat up to 0.150.5 /api/proxy server-side request forgery

Related Posts

CVE-2022-22364 | IBM Cognos Controller 10.4.1/10.4.2/11.0.0 HTTP Request dns rebinding (XFDB-220903)

CVE-2024-37280 | Elastic Elasticsearch 8.13.1/8.13.2/8.13.3/8.13.4 Document Ingestion stack-based overflow

CVE-2022-42443 | IBM Trusteer iOS SDK/Trusteer Android SDK up to 5.6 unrestricted upload (XFDB-238535)

CVE-2024-7945 | itsourcecode Laravel Property Management System 1.0 Notes Page /admin/notes/create Note text cross site scripting