Security Advisory

CVE-2016-4029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-08-07 16:00:00

Last updated 2024-08-06 00:17:30

Assigner mitre

State PUBLISHED

Description

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.

← Browse all CVEs View on cve.org ↗