Enviar #858045: 1Panel-dev CordysCRM 1.4.1 Server-Side Request Forgeryinformación

Título1Panel-dev CordysCRM 1.4.1 Server-Side Request Forgery
DescripciónThe IntegrationConfigService component in CordysCRM v1.4.1 contains a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability stems from the getSqlBotSrc() method extracting URLs from the appSecret parameter using regex pattern without proper validation. Extracted URLs are directly used to create HTTP connections via URI.create(jsUrl).toURL().openConnection() in the /organization/settings/third-party/edit endpoint. No whitelist validation, protocol restriction, or internal IP blocking is applied. Attackers can inject malicious URLs via the appSecret parameter (e.g., appSecret": "src="<http://malicious\\>"").
Fuente⚠️ https://github.com/1Panel-dev/CordysCRM/issues/2687
Usuario
 liushaozhe (UID 83234)
Sumisión2026-06-13 19:39 (hace 1 mes)
Moderación2026-07-18 14:11 (1 month later)
EstadoAceptado
Entrada de VulDB380045 [1Panel-dev CordysCRM hasta 1.4.1 Third Party Edit Endpoint IntegrationConfigService.java getSqlBotSrc appSecret escalada de privilegios]
Puntos20

Interested in the pricing of exploits?

See the underground prices here!