Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2017-1000419 - Vulnerability Database
phpBB

phpBB Server-Side Request Forgery (SSRF) Vulnerability - CVE-2017-1000419

High
Reference: CVE-2017-1000419
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-1000419
Title: phpBB Server-Side Request Forgery (SSRF) Vulnerability
Overview:

phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning requesting internal content and potentially attacking such internal services via the web application.