| Title | Page Replica 1.0 Server-Side Request Forgery |
|---|
| Description | A Server-Side Request Forgery vulnerability (CWE-918) exists in the sitemap scraping functionality. The /sitemap endpoint accepts a user-controlled url parameter and directly passes it to sitemap.fetch() without any validation, sanitization, or allowlist restrictions. This behavior allows an attacker to supply arbitrary URLs, causing the server to initiate outbound requests to attacker-specified destinations.
Because the request originates from the server environment, an attacker may abuse this functionality to access internal network services, cloud metadata endpoints, or other resources that are otherwise inaccessible from the internet. |
|---|
| Source | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/page_replica.md |
|---|
| User | lakshay12311 (UID 91298) |
|---|
| Submission | 03/11/2026 07:34 (27 days ago) |
|---|
| Moderation | 03/26/2026 17:02 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 353658 [Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0 Endpoint /sitemap sitemap.fetch url server-side request forgery] |
|---|
| Points | 20 |
|---|