CVE-2024-43371
CVE-2024-43371 describes a Server Side Request Forgery (SSRF) in CKAN via multiple plugins (XLoader, DataPusher, Resource proxy, ckanext-archiver) that fetch remote resources without validating the target URL. The underlying issue is that these plugins use the resource URL without restricting des...