3 matches found
FlaskBB: SSRF in get_image_info() via unrestricted avatar URL
Summary A Server-Side Request Forgery SSRF vulnerability in getimageinfo allows any authenticated user to force the server to send HTTP requests to arbitrary internal endpoints, including cloud metadata services e.g., AWS 169.254.169.254. This is a blind SSRF with confirmed internal port scanning...
GHSA-XQ32-9G7Q-7297 FlaskBB: SSRF in get_image_info() via unrestricted avatar URL
Summary A Server-Side Request Forgery SSRF vulnerability in getimageinfo allows any authenticated user to force the server to send HTTP requests to arbitrary internal endpoints, including cloud metadata services e.g., AWS 169.254.169.254. This is a blind SSRF with confirmed internal port scanning...
Server-side Request Forgery (SSRF)
Overview FlaskBB is an A classic Forum Software in Python using Flask. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the getimageinfo function. An attacker can access internal network resources and sensitive cloud metadata by supplying a crafted URL as t...