TAK-PS-Stats Web UI: Authenticated full-read SSRF in CloudTAK basemap import (PUT /api/basemap) — no IP-classification guard
Summary PUT /api/basemap the basemap import endpoint fetches an attacker-supplied URL server-side with no SSRF protection whatsoever. Any authenticated user can submit a JSON body "type": "...", "url": "" ; the server calls fetchurl against that URL and then reflects the response body name,...