advisory-database icon indicating copy to clipboard operation
advisory-database copied to clipboard
verified publisher icon github

[GHSA-hxgx-584x-vwm8] Appwrite Server-Side Request Forgery vulnerability

Open abnegate opened this issue 1 year ago • 1 comments

Updates

  • Affected products
  • CVSS
  • Severity

Comments Fixed in 1.3.0, confidentiality is low as no internal data is exposed.

abnegate avatar Jun 06 '24 04:06 abnegate

Hi @abnegate, thank you for your contribution. Could you provide a reference link that documents the fix in 1.3.0?

Also, while we can update the description in our database, we cannot update the description of the CVE record because the ID was assigned by MITRE. To get MITRE to update the record, you need to contact them using the "Request an update to an existing CVE Entry" form at https://cveform.mitre.org/.

Similarly, the CVSS vector was generated by the NVD so you will need to contact them using their form.

JonathanLEvans avatar Jun 06 '24 15:06 JonathanLEvans