| शीर्षक | moxi624 mogu_blog_v2 0.0.1 Injection |
|---|
| विवरण | The Mogu Blog V2 application supports OAuth authentication through multiple providers including Gitee, GitHub, QQ, and WeChat. During the OAuth callback process, the application extracts the user's avatar URL from the OAuth provider's response and forwards it to the picture storage service (mogu-picture) for downloading and storage.
The critical security flaw is that the application completely trusts the OAuth provider's response without validating the avatar URL. The picture storage service then makes HTTP requests to whatever URL is provided, without any whitelist validation, protocol checking, or IP address validation. This creates a Server-Side Request Forgery (SSRF) vulnerability where an attacker controlling the OAuth response can force the server to request arbitrary URLs. |
|---|
| स्रोत | ⚠️ https://github.com/ccccccctiiiiiiii-lab/public_exp/issues/3 |
|---|
| उपयोगकर्ता | cccccccti (UID 96695) |
|---|
| सबमिशन | 29/03/2026 04:32 PM (2 महीनों पहले) |
|---|
| संयम | 19/04/2026 06:38 PM (21 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 358260 [moxi624 Mogu Blog v2 तक 5.2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|