| Title | trueleaf apiflow ≤0.9.7 Server-Side Request Forgery |
|---|
| Description | ApiFlow is an API documentation management platform written in TypeScript/Node.js. The HTTP proxy functionality in the server component contains a Server-Side Request Forgery (SSRF) vulnerability that allows unauthenticated attackers to bypass URL validation and make arbitrary requests to internal network resources.
The vulnerability exists in the `HttpProxyService` class where URL validation is performed only on the initial request URL, but not on redirect targets. By using an external redirect service, attackers can bypass the IP address allowlist and access internal services such as databases, cloud metadata endpoints, and other sensitive internal resources. |
|---|
| Source | ⚠️ https://www.notion.so/Server-Side-Request-Forgery-SSRF-in-ApiFlow-329ea92a3c4180489df2fa2702078fe5 |
|---|
| User | din4 (UID 50867) |
|---|
| Submission | 03/20/2026 15:43 (17 days ago) |
|---|
| Moderation | 03/21/2026 08:36 (17 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 352316 [trueleaf ApiFlow 0.9.7 URL Validation http_proxy.service.ts validateUrlSecurity server-side request forgery] |
|---|
| Points | 17 |
|---|