Security Advisory

CVE-2024-47830

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-11 14:55:36

Last updated 2024-10-15 16:15:20

Assigner GitHub_M

State PUBLISHED

Description

Plane is an open-source project management tool. Plane uses the ** wildcard support to retrieve the image from any hostname as in /web/next.config.js. This may permit an attacker to induce the server side into performing requests to unintended locations. This vulnerability is fixed in 0.23.0.

← Browse all CVEs View on cve.org ↗