Vulnerabilities > Barassistant

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-49471 Server-Side Request Forgery (SSRF) vulnerability in Barassistant BAR Assistant
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code.
network
low complexity
barassistant CWE-918
8.8
8.8