| عنوان | rebuild rebuild <= 3.5.5 SSRF |
|---|
| الوصف | There is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files. |
|---|
| المصدر | ⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5 |
|---|
| المستخدم | lemono (UID 59906) |
|---|
| ارسال | 27/01/2024 05:51 AM (2 سنوات منذ) |
|---|
| الاعتدال | 29/01/2024 11:47 AM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 252290 [Rebuild حتى 3.5.5 HTTP Request readRawText url تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|