Server-Side Request Forgery (SSRF)
github.com/jon4hz/jellysweep is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of the URL parameter in the /api/images/cache endpoint, which allows an authenticated attacker to make the server download arbitrary content from attacker-controlled URL...