Submit #465942: Antabot White-Jotter 0.2.2 Server-Side Request Forgeryinfo

TitleAntabot White-Jotter 0.2.2 Server-Side Request Forgery
DescriptionA Server-Side Request Forgery (SSRF) vulnerability exists in the book cover URL specification functionality of Antabot White-Jotter version 0.2.2. This vulnerability arises because the application allows users to specify arbitrary URLs from the admin page to fetch book cover images. An attacker can exploit this functionality to force the server to make unauthorized requests to internal services or external targets, potentially exposing sensitive information or enabling further attacks.
Source⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/white-jotter/ServerSideRequestForgery-BookCoverURL.md
User
 vastzero (UID 78767)
Submission12/18/2024 06:32 PM (2 months ago)
Moderation12/29/2024 09:28 AM (11 days later)
StatusAccepted
VulDB Entry289722 [Antabot White-Jotter up to 0.2.2 Edit Book /admin/content/book server-side request forgery]
Points20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!