A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to…
@huntr_ai·CWE-918·Published 2025-03-20
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOL_GOTO_PAGE and BROWSERTOOL_GET_PAGE_DETAILS actions.
Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) en composiohq/composio versión v0.4.4. Esta vulnerabilidad permite a un atacante leer el contenido de cualquier archivo del sistema mediante las acciones BROWSERTOOL_GOTO_PAGE y BROWSERTOOL_GET_PAGE_DETAILS.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.0 | Primary | cve.org | 6.8 | — | — | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
| 3.0 | Primary | cve.org | 6.8 | — | — | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
| 3.0 | Secondary | NVD | 6.8 | 2.3 | 4.0 | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
| 3.1 | Primary | NVD | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| 3.1 | Secondary | GHSA | 6.8 | — | — | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |