| Titel | Antabot White-Jotter 0.2.2 Server-Side Request Forgery |
|---|
| Beschreibung | A Server-Side Request Forgery (SSRF) vulnerability exists in the book cover URL specification functionality of Antabot White-Jotter version 0.2.2. This vulnerability arises because the application allows users to specify arbitrary URLs from the admin page to fetch book cover images. An attacker can exploit this functionality to force the server to make unauthorized requests to internal services or external targets, potentially exposing sensitive information or enabling further attacks. |
|---|
| Quelle | ⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/white-jotter/ServerSideRequestForgery-BookCoverURL.md |
|---|
| Benutzer | vastzero (UID 78767) |
|---|
| Einreichung | 18.12.2024 18:32 (vor 1 Jahr) |
|---|
| Moderieren | 29.12.2024 09:28 (11 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 289722 [Antabot White-Jotter bis 0.2.2 Edit Book /admin/content/book erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|