CVE-2023-50786 – Dradis HTTP Image Reference Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2023-50786

Published : July 5, 2025, 4:15 a.m. | 44 minutes ago

Description : Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…