The SSRF vulnerability in osTicket described in CVE-2020-24881 is still unfixed: an attacker can still make arbitrary requests from the server to the private network through the PDF print generator, although they cannot exfiltrate anything other than image data.
Proof-of-concept image reference pointing at an internal host:

```html
<img src="http://localhost/index.png" alt="image">
```
This vulnerability can be used for internal port scans, interaction with internal web servers via GET requests, and disclosure of images hosted on the internal network.
For instance, if an image containing some kind of secret were hosted on an internal server at http://localhost:8000/secret.png, referencing that URL in the same way would embed secret.png into the generated PDF, causing information disclosure.
Suggested fix: blocklist localhost and private IP addresses when fetching resources for PDF printing.
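An illustrative check for the mitigation above (an added example, not osTicket's code): it resolves the image host, rejects loopback, private, link-local and IPv4-mapped addresses if any resolved answer is internal, and returns the validated addresses so the fetch can be pinned to them instead of re-resolving (which also closes the DNS rebinding gap). The `resolver` parameter, `_resolve` helper and sample hostnames are assumptions.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def _resolve(host):
    """Assumed default resolver: every A/AAAA answer for host as a string."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_internal_address(ip_text):
    """True for loopback, RFC 1918, link-local, unspecified, reserved and
    multicast addresses; IPv4-mapped IPv6 (::ffff:127.0.0.1) is unwrapped."""
    addr = ipaddress.ip_address(ip_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_unspecified or addr.is_reserved or addr.is_multicast)


def validate_image_url(url, resolver=_resolve):
    """Return (ok, reason, pinned_ips). ok is False for any URL the PDF
    renderer must refuse. On success the caller should connect to one of
    pinned_ips (with the original Host header) rather than resolving again."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", []
    host = parts.hostname  # brackets stripped for IPv6 literals
    if not host:
        return False, "missing host", []
    try:
        ips = {str(ipaddress.ip_address(host))}  # literal IP, no DNS needed
    except ValueError:
        try:
            ips = set(resolver(host))
        except (socket.gaierror, OSError):
            ips = set()
    if not ips:
        return False, "unresolvable host", []
    # A single internal answer is enough to reject: mixed answer sets must
    # not let the renderer pick the internal one at connect time.
    for ip in ips:
        if is_internal_address(ip):
            return False, f"{ip} is not a public address", []
    return True, "ok", sorted(ips)
```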