Back to search
CVE-2020-13650
Published: Jun 15, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to an internal component, the request is blind, but through the error message it's possible to determine whether the request targeted a open service.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://know.bishopfox.com/advisories/digdash-version-2018
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now