| 제목 | rebuild rebuild <= 3.5.5 SSRF |
|---|
| 설명 | There is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files. |
|---|
| 원천 | ⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5 |
|---|
| 사용자 | lemono (UID 59906) |
|---|
| 제출 | 2024. 01. 27. AM 05:51 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 01. 29. AM 11:47 (2 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 252290 [Rebuild 까지 3.5.5 HTTP Request readRawText url 권한 상승] |
|---|
| 포인트들 | 17 |
|---|