إرسال #858045: 1Panel-dev CordysCRM 1.4.1 Server-Side Request Forgeryالمعلومات

عنوان1Panel-dev CordysCRM 1.4.1 Server-Side Request Forgery
الوصفThe IntegrationConfigService component in CordysCRM v1.4.1 contains a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability stems from the getSqlBotSrc() method extracting URLs from the appSecret parameter using regex pattern without proper validation. Extracted URLs are directly used to create HTTP connections via URI.create(jsUrl).toURL().openConnection() in the /organization/settings/third-party/edit endpoint. No whitelist validation, protocol restriction, or internal IP blocking is applied. Attackers can inject malicious URLs via the appSecret parameter (e.g., appSecret": "src="<http://malicious\\>"").
المصدر⚠️ https://github.com/1Panel-dev/CordysCRM/issues/2687
المستخدم
 liushaozhe (UID 83234)
ارسال13/06/2026 07:39 PM (1 شهر منذ)
الاعتدال18/07/2026 02:11 PM (1 month later)
الحالةتمت الموافقة
إدخال VulDB380045 [1Panel-dev CordysCRM حتى 1.4.1 Third Party Edit Endpoint IntegrationConfigService.java getSqlBotSrc appSecret تجاوز الصلاحيات]
النقاط20

Do you need the next level of professionalism?

Upgrade your account now!