CVE-2024-31991 Mealie vulnerable to a GET-based SSRF in recipe importer (GHSL-2023-225)
Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safescrapehtml function utilizes a user-controlled URL to issue a request to a remote server. Based on the content of the response, it will either parse the content or disregard it. This function, nor those that call it,...