PT-2024-32841 · Plane · Plane

Sim4N6 · Published 2024-10-11 · Updated 2024-11-12 · CVE-2024-47830

CVSS v3.1: 9.3 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions

Plane versions prior to 0.23.0

Description

The issue concerns an open-source project management tool that uses ** wildcard support to retrieve images from any hostname, potentially allowing an attacker to induce the server to perform requests to unintended locations.

Recommendations

For versions prior to 0.23.0, update to version 0.23.0 to resolve the issue. As a temporary workaround, consider restricting access to the /web/next.config.js endpoint until the update is applied.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2024-47830
GHSA-39GX-38XF-C348

Affected Products

Plane