Next.js Server-Side Request Forgery in Server Actions
Impact A Server-Side Request Forgery SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js...