IpMatcher 1.0.4.1 Server-Side Request Forgery
Posted by deepcore on May 17, 2022 – 6:47 am
IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.
Post a reply
You must be logged in to post a comment.