@exp1orer
Created February 14, 2024 08:18
TencentBlueKing CMDB Server-side request forgery
[AFFECTED VERSION(S)]
- 3.2.x - 3.9.x
[DESCRIPTION]
Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to make the server send requests to internal resources via a crafted POST request.
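
An added example, not taken from the BlueKing CMDB code base, of guarding outbound event deliveries against internal destinations. It assumes the subscription stores a user-supplied callback URL that the server later requests; all function names are hypothetical.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/url"
	"syscall"
	"time"
)

// isBlockedIP flags loopback, private, link-local (169.254.0.0/16, fe80::/10), unspecified, multicast.
func isBlockedIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsUnspecified() || ip.IsMulticast()
}

// CheckCallbackURL is the cheap syntactic check made when a subscription is saved.
func CheckCallbackURL(raw string) error {
	u, err := url.Parse(raw)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.User != nil || u.Hostname() == "" {
		return fmt.Errorf("callback must be http(s)://host[:port]/path: %q", raw)
	}
	if ip := net.ParseIP(u.Hostname()); ip != nil && isBlockedIP(ip) {
		return fmt.Errorf("callback address %s is internal", ip)
	}
	return nil
}

// guardControl runs after DNS resolution, just before connect(), so it sees the real target IP.
func guardControl(_, address string, _ syscall.RawConn) error {
	host, _, err := net.SplitHostPort(address)
	if ip := net.ParseIP(host); err != nil || ip == nil || isBlockedIP(ip) {
		return fmt.Errorf("refusing connection to %s", address)
	}
	return nil
}

// NewCallbackClient (hypothetical name) delivers events: no proxy, no redirects, guarded dial.
func NewCallbackClient() *http.Client {
	d := &net.Dialer{Timeout: 5 * time.Second, Control: guardControl}
	return &http.Client{
		Timeout:       10 * time.Second,
		Transport:     &http.Transport{DialContext: d.DialContext},
		CheckRedirect: func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse },
	}
}

func main() {
	fmt.Println(CheckCallbackURL("http://169.254.169.254/latest/meta-data/")) // constructed input
}
```

The save-time check only rejects obviously bad input; the dial-time hook is what covers hostnames that resolve to internal addresses, including ones that change between validation and delivery.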