phpBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2017-1000419 - Vulnerability Database

phpBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2017-1000419

High

Reference: CVE-2017-1000419

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-1000419

Title: phpBB Server-Side Request Forgery (SSRF) Vulnerability

Overview:

phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning requesting internal content and potentially attacking such internal services via the web application.