Submit #758974: itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Server-Side Request Forgery

Title: itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Server-Side Request Forgery
Description: paiCoding contains a Server-Side Request Forgery (SSRF) vulnerability in the image upload functionality. The application allows authenticated users to provide external image URLs for automatic conversion and storage. However, the URL validation logic is insufficient, allowing attackers to access internal network resources, cloud metadata endpoints, and other restricted services.
Source: ⚠️ https://fx4tqqfvdw4.feishu.cn/docx/NK7KdbIrboeB6WxwfhucW1YgnCb?from=from_copylink
User: xcxr (UID 86629)
Submission: 16/02/2026 01:55 (4 months ago)
Moderation: 26/02/2026 17:41 (11 days later)
Status: Accepted
VulDB entry: 348015 [itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 Image Save Endpoint ImageRestController.java save img Privilege Escalation]
Points: 19
