| Title | Antabot White-Jotter 0.2.2 Server-Side Request Forgery |
|---|---|
| Description | A Server-Side Request Forgery (SSRF) vulnerability exists in the book cover URL specification functionality of Antabot White-Jotter version 0.2.2. This vulnerability arises because the application allows users to specify arbitrary URLs from the admin page to fetch book cover images. An attacker can exploit this functionality to force the server to make unauthorized requests to internal services or external targets, potentially exposing sensitive information or enabling further attacks. |
| Source | https://github.com/cydtseng/Vulnerability-Research/blob/main/white-jotter/ServerSideRequestForgery-BookCoverURL.md |
| User | vastzero (UID 78767) |
| Submission | 12/18/2024 06:32 PM (2 months ago) |
| Moderation | 12/29/2024 09:28 AM (11 days later) |
| Status | Accepted |
| VulDB Entry | 289722 [Antabot White-Jotter up to 0.2.2 Edit Book /admin/content/book server-side request forgery] |
| Points | 20 |