You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The /auth/uploadByUrl endpoint allows a URL to be submitted for the server to access. An attacker can exploit this to send requests to the server, and a Server-Side Request Forgery (SSRF) vulnerability allows the attacker to manipulate the server into making requests, potentially leading to access to internal systems and leakage of sensitive information.
Remediation Suggestions: If the functionality is not essential, it is recommended to remove it, or define a whitelist that users can specify, or filter out internal addresses
The text was updated successfully, but these errors were encountered:
The /auth/uploadByUrl endpoint allows a URL to be submitted for the server to access. An attacker can exploit this to send requests to the server, and a Server-Side Request Forgery (SSRF) vulnerability allows the attacker to manipulate the server into making requests, potentially leading to access to internal systems and leakage of sensitive information.
Remediation Suggestions: If the functionality is not essential, it is recommended to remove it, or define a whitelist that users can specify, or filter out internal addresses
The text was updated successfully, but these errors were encountered: