Unrated severityNVD Advisory· Published Dec 13, 2023· Updated May 22, 2025
Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability
CVE-2023-47619
Description
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of time of publication, no patches are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=2.4.3+ 1 more
- (no CPE)range: <=2.4.3
- (no CPE)range: <= 2.4.3
- Range: <=2.4.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.