FlaskBB: SSRF in get_image_info() via unrestricted avatar URL
Summary: A Server-Side Request Forgery (SSRF) vulnerability in get_image_info() allows any authenticated user to force the server to send HTTP requests to arbitrary internal endpoints, including cloud metadata services (e.g., AWS 169.254.169.254). This is a blind SSRF with confirmed internal port scanning...
Origin Validation Error
Overview: cinny is "Yet another matrix client". Affected versions of this package are vulnerable to Origin Validation Error in the process that handles emoji pack avatar URLs in the service worker. An attacker can obtain a victim's access token by crafting a malicious emote pack with an...
EUVD-2026-14923
Vikjuna Bypasses Webhook SSRF Protections During OpenID Connect Avatar Download...
PT-2022-9911 · Gitea +1
Name of the Vulnerable Software and Affected Versions: Gitea versions prior to 1.13.6. Description: The issue allows Directory Traversal via a crafted URL, specifically affecting the avatar middleware. Recommendations: For versions prior to 1.13.6, update to version 1.13.6 or later to resolve the...