openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://marc.info/?l=openid-security&m=155477050605610&w=2 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-05-10T19:18:47
Updated: 2024-08-04T22:40:16.291Z
Reserved: 2019-04-09T00:00:00
Link: CVE-2019-11066
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-05-10T20:29:00.537
Modified: 2019-05-13T16:48:02.717
Link: CVE-2019-11066
Redhat
No data.