Invia #273832: rebuild rebuild <= 3.5.5 SSRFinformazioni

Titolorebuild rebuild <= 3.5.5 SSRF
DescrizioneThere is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files.
Fonte⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5
Utente
 lemono (UID 59906)
Sottomissione27/01/2024 05:51 (2 anni fa)
Moderazione29/01/2024 11:47 (2 days later)
StatoAccettato
Voce VulDB252290 [Rebuild fino a 3.5.5 HTTP Request readRawText url escalationi di privilegi]
Punti17

Might our Artificial Intelligence support you?

Check our Alexa App!