Submeter #273832: rebuild rebuild <= 3.5.5 SSRFinformação

Títulorebuild rebuild <= 3.5.5 SSRF
DescriçãoThere is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files.
Fonte⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5
Utilizador
 lemono (UID 59906)
Submissão27/01/2024 05h51 (há 2 anos)
Moderação29/01/2024 11h47 (2 days later)
EstadoAceite
Entrada VulDB252290 [Rebuild até 3.5.5 HTTP Request readRawText url Elevação de Privilégios]
Pontos17

Do you know our Splunk app?

Download it now for free!