VYPR
Unrated severityNVD Advisory· Published Dec 13, 2023· Updated May 22, 2025

Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability

CVE-2023-47619

Description

Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of time of publication, no patches are available.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.