Submit #273832: rebuild rebuild <= 3.5.5 SSRFinfo

Titlerebuild rebuild <= 3.5.5 SSRF
DescriptionThere is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files.
Source⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5
User
 lemono (UID 59906)
Submission01/27/2024 05:51 (2 years ago)
Moderation01/29/2024 11:47 (2 days later)
StatusAccepted
VulDB entry252290 [Rebuild up to 3.5.5 HTTP Request readRawText url server-side request forgery]
Points17

Want to stay up to date on a daily basis?

Enable the mail alert feature now!