| Titel | Antabot White-Jotter 0.2.2 Server-Side Request Forgery |
|---|
| Beschreibung | A Server-Side Request Forgery (SSRF) vulnerability exists in the article cover URL specification functionality of Antabot White-Jotter version 0.2.2. This vulnerability arises because the application allows users to define arbitrary URLs using the article editor to fetch article cover images. An attacker can exploit this functionality to force the server to make unauthorized requests to internal services or external targets, potentially exposing sensitive information or enabling further attacks. |
|---|
| Quelle | ⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/white-jotter/ServerSideRequestForgery-ArticleCoverURL.md |
|---|
| Benutzer | vastzero (UID 78767) |
|---|
| Einreichung | 19.12.2024 17:02 (vor 1 Jahr) |
|---|
| Moderieren | 29.12.2024 13:29 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 289765 [Antabot White-Jotter bis 0.2.2 Article Editor /admin/content/editor articleCover erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|