CVE-2024-21498

Name of the Vulnerable Software and Affected Versions github.com/greenpau/caddy-security versions all

Description The issue is related to Server-side Request Forgery (SSRF) via X-Forwarded-Host header manipulation. An attacker can expose sensitive information, interact with internal services, or exploit other vulnerabilities within the network by exploiting this vulnerability.

Recommendations For github.com/greenpau/caddy-security versions all, as a temporary workaround, consider restricting access to the X-Forwarded-Host header to minimize the risk of exploitation. Avoid using the X-Forwarded-Host header in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.