Incomplete Filtering of Special Elements
Overview dssrf is a SSRF defense library for Node.js with safe URL validation utilities. Affected versions of this package are vulnerable to Incomplete Filtering of Special Elements via the isurlsafe function. An attacker can access internal network resources by supplying specially crafted IPv6...