Invision Community fixed an SSRF vulnerability (CVE-2021-40604 | PT SWARM

Invision Community fixed an SSRF vulnerability (CVE-2021-40604) found by Mikhail Klyuchnikov!

Timeline:
06/23/2021 - The advisory is published
06/24/2021 - Requested CVE via MITRE
06/13/2022 - CVE was assigned

The PoC

The "gkey" param is an unfollow token.

PT SWARM

💃 2.98K
Technologies

Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...

Join
▲ Vote (1)

Invision Community fixed an SSRF vulnerability (CVE-2021-40604 | PT SWARM

Login