Submit #758974: itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Server-Side Request Forgery info

Title: itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Server-Side Request Forgery
Description: paiCoding contains a Server-Side Request Forgery (SSRF) vulnerability in the image upload functionality. The application allows authenticated users to provide external image URLs for automatic conversion and storage. However, the URL validation logic is insufficient, allowing attackers to access internal network resources, cloud metadata endpoints, and other restricted services.
Source: https://fx4tqqfvdw4.feishu.cn/docx/NK7KdbIrboeB6WxwfhucW1YgnCb?from=from_copylink
User: xcxr (UID 86629)
Submission: 2026-02-16 01:55 (4 months ago)
Moderation: 2026-02-26 17:41 (11 days later)
Status: Accepted
VulDB entry: 348015 [itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Image Save Endpoint ImageRestController.java save img privilege escalation]
Points: 19