Lark Technologies: Server Side Request Forgery
It was found that one lark endpoint was susceptible to a Server-Side Request Forgery SSRF vulnerability using the parameter "URL" which could have potentially been used by an attacker to conduct host/port scanning on the internal network. We thank @jin0ne for reporting this to our team and...