Serendipity · Serendipity · CVE-2016-9752
**Name of the Vulnerable Software and Affected Versions**
Serendipity versions prior to 2.0.5
**Description**
The issue allows an attacker to bypass SSRF protection. This can be achieved by using a malformed IP address, such as `http://127.1`, or by utilizing a 30x HTTP status code, also known as a Redirection status code.
**Recommendations**
For versions prior to 2.0.5, update to version 2.0.5 or later to resolve the issue.