What the vulnerability does

01Description

nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery.

Key dates

02Disclosure timeline

March 7, 2024 CVE published
September 6, 2024 Record updated

Related vulnerabilities

04Related CVE