Visma Bug Bounty Program: SSRF in img export

The researcher has found a SSRF vulnerability in the application’s image export functionality. The app would take all the html as input and generate an image based on that. By manipulating the html code and adding a src tag, it was possible to trigger a SSRF.