| शीर्षक | rebuild rebuild <= 3.5.5 SSRF |
|---|
| विवरण | There is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files. |
|---|
| स्रोत | ⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5 |
|---|
| उपयोगकर्ता | lemono (UID 59906) |
|---|
| सबमिशन | 27/01/2024 05:51 AM (2 साल पहले) |
|---|
| संयम | 29/01/2024 11:47 AM (2 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 252290 [Rebuild तक 3.5.5 HTTP Request readRawText url अधिकार वृद्धि] |
|---|
| अंक | 17 |
|---|