CVE-2021-39195

Server-Side Request Forgery (SSRF) in npm/misskey-reversi

Identifiers

CVE-2021-39195, GHSA-mqv7-gxh4-r5vf

Package Slug

npm/misskey-reversi

Vulnerability

Server-Side Request Forgery (SSRF)

Description

Misskey is an open source, decentralized microblogging platform. However, if you are using a proxy, you will need to take additional measures. As a workaround this exploit may be avoided by appropriately restricting access to private networks from the host where the application is running.

Affected Versions

All versions before 12.90.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-09-16

source