Server-side Request Forgery (SSRF)
Overview llamafactory is an Easy-to-use LLM fine-tuning framework Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the processrequest function, which processes incoming content URLs without proper validation or sanitization. An attacker can access internal...