CVE-2024-28435

Name of the Vulnerable Software and Affected Versions Twenty version 0.3.0

Description The CRM platform is vulnerable to server-side request forgery (SSRF) via file upload. This issue allows an attacker to potentially access internal resources or make unauthorized requests.

Recommendations For version 0.3.0, consider disabling the file upload feature until a patch is available to prevent exploitation of the SSRF vulnerability. Restrict access to sensitive internal resources to minimize the risk of unauthorized access.