Отправить #858045: 1Panel-dev CordysCRM 1.4.1 Server-Side Request ForgeryИнформация

Название1Panel-dev CordysCRM 1.4.1 Server-Side Request Forgery
ОписаниеThe IntegrationConfigService component in CordysCRM v1.4.1 contains a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability stems from the getSqlBotSrc() method extracting URLs from the appSecret parameter using regex pattern without proper validation. Extracted URLs are directly used to create HTTP connections via URI.create(jsUrl).toURL().openConnection() in the /organization/settings/third-party/edit endpoint. No whitelist validation, protocol restriction, or internal IP blocking is applied. Attackers can inject malicious URLs via the appSecret parameter (e.g., appSecret": "src="<http://malicious\\>"").
Источник⚠️ https://github.com/1Panel-dev/CordysCRM/issues/2687
Пользователь
 liushaozhe (UID 83234)
Представление13.06.2026 19:39 (1 месяц назад)
Модерация18.07.2026 14:11 (1 month later)
Статуспринято
Запись VulDB380045 [1Panel-dev CordysCRM до 1.4.1 Third Party Edit Endpoint IntegrationConfigService.java getSqlBotSrc appSecret эскалация привилегий]
Баллы20

Do you know our Splunk app?

Download it now for free!