CVE-2023-25230

Name of the Vulnerable Software and Affected Versions loonflow version r2.0.14

Description A Server-Side Request Forgery (SSRF) issue allows attackers to force the application to make arbitrary requests via manipulation of the hook url parameter. This enables attackers to potentially access internal resources or make unauthorized requests.

Recommendations For loonflow version r2.0.14, as a temporary workaround, consider restricting access to the hook url parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.