CVE-2014-8943

Name of the Vulnerable Software and Affected Versions: Lexiglot versions prior to 2014-11-20

Description: The issue allows for Server-Side Request Forgery (SSRF) via the svn url parameter in the admin.php?page=projects endpoint. This means an attacker could potentially force the server to make unauthorized requests.

Recommendations: For versions prior to 2014-11-20, as a temporary workaround, consider restricting access to the admin.php?page=projects endpoint until a fix is available. Avoid using the svn url parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.