إرسال #748219: mindsdb v25.14.1 SSRFالمعلومات

عنوان	mindsdb v25.14.1 SSRF
الوصف	A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload functionality of MindsDB Editor. Due to improper URL validation, an attacker can bypass blacklist restrictions and trigger arbitrary internal network requests.
المصدر	⚠️ https://github.com/mindsdb/mindsdb/issues/12163
المستخدم	fushuling (UID 45488)
ارسال	28/01/2026 01:55 PM (3 أشهر منذ)
الاعتدال	15/02/2026 10:04 AM (18 days later)
الحالة	تمت الموافقة
إدخال VulDB	346119 [MindsDB حتى 25.14.1 File Upload security.py clear_filename تجاوز الصلاحيات]
النقاط	15

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!