GHSA-CWPP-325Q-2CVP Statamic Vulnerable to Server-Side Request Forgery via Glide
Impact When Glide image manipulation is used in insecure mode which is not the default, the image proxy can be abused by an unauthenticated user to make the server send HTTP requests to arbitrary URLs—either via the URL directly or via the watermark feature. That can allow access to internal...