Description
Appwrite '/v1/avatars/favicon' endpoint is vulnerable to an SSRF vulnerability. An attacker could exploit this vulnerability to compromise the server.
Remediation
Upgrade to the latest version of Appwrite
References
Related Vulnerabilities
Apache OFBiz XMLRPC Deserialization RCE (CVE-2020-9496/CVE-2023-49070)
PaloAlto Networks Expedition RCE (CVE-2024-9463)
ManageEngine Desktop Central Deserialization RCE (CVE-2020-10189)
ForgeRock AM / OpenAM Deserialization RCE (CVE-2021-35464)
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0)