CVE-2024-56800 | mendableai firecrawl up to 1.1.0 Environment Variable PROXY_SERVER server-side request forgery (GHSA-vjp8-2wgg-p734)

Posted by Angelo Barbosa | Dec 31, 2024 | CVE

A vulnerability, which was classified as critical, was found in mendableai firecrawl up to 1.1.0. Affected is an unknown function of the component Environment Variable Handler. The manipulation of the argument PROXY_SERVER leads to server-side request forgery.

This vulnerability is traded as CVE-2024-56800. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-56800 | mendableai firecrawl up to 1.1.0 Environment Variable PROXY_SERVER server-side request forgery (GHSA-vjp8-2wgg-p734)

Related Posts

CVE-2024-8312 | GitLab Community Edition/Enterprise Edition up to 17.3.5/17.4.2/17.5.0 Diff View cross site scripting

CVE-2024-34207 | Totolink CP450 4.1.0cu.747_B20191224 setStaticDhcpConfig stack-based overflow

CVE-2024-5596 | ARMember Premium Plugin up to 6.7 on WordPress cross-site request forgery

CVE-2024-6254 | Brizy Plugin up to 2.5.1 on WordPress cross-site request forgery