LY Corporation: SSRF restricted to HTTP/HTML on LINE Social Plugins (https://social-plugins.line.me/)
LINE Social Plugins https://social-plugins.line.me/ is a service that provides LINE users with content sharing on the web. This SSRF attack was caused by bypassing the DNS verification of the parameter value received to check the page information of shared content. Attacks were only possible with...