CVE-2023-51665

Name of the Vulnerable Software and Affected Versions Audiobookshelf versions prior to 2.7.0

Description Audiobookshelf is a self-hosted audiobook and podcast server. The issue is related to an unauthenticated blind server-side request (SSRF) vulnerability in Auth.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this issue.

Recommendations For versions prior to 2.7.0, update to version 2.7.0 to resolve the issue. As a temporary workaround, consider restricting access to the Auth.js module until the update is applied.