GHSA-8qv9-6423-m39wMediumCVSS 6.5
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy...
🔗 CVE IDs covered (1)
📋 Description
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request.