CVE-2021-44659
N/A
N/A
Summary
Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF). NOTE: the vendor's position is that the observed behavior is not a vulnerability, because the product's design allows an admin to configure outbound requests
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.gocd.org/
- https://github.com/gocd/gocd
- https://github.com/Mesh3l911/CVE-2021-44659
- https://youtu.be/WW_a3znugl0
References
- https://www.gocd.org/
- https://github.com/gocd/gocd
- https://github.com/Mesh3l911/CVE-2021-44659
- https://youtu.be/WW_a3znugl0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.