Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=brightgreen)
Plane is an open-source project management tool. Plane uses the ** wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0.
- https://github.com/makeplane/plane/security/advisories/GHSA-39gx-38xf-c348
- https://github.com/Sim4n6/Sim4n6
- https://github.com/fkie-cad/nvd-json-data-feeds