CVE-2021-30108: Server-Side Request Forgery (SSRF)

May 24, 2021 (updated May 28, 2021)

Feehi CMS When the user modifies the HTTP Referer header to any url, the server can make a request to it.

References

github.com/liufee/cms/issues/57
nvd.nist.gov/vuln/detail/CVE-2021-30108

Code Behaviors & Features

Detect and mitigate CVE-2021-30108 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →