3 matches found
Server-side Request Forgery (SSRF)
Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via improper URL validation the spidertools component. An attacker can access internal loopback-only HTTP...
PT-2026-41195
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description A parsing discrepancy between the urlparse and requests libraries allows for a Server-Side Request Forgery SSRF bypass. The validate url function uses urlparse to verify the hostname; however,...
Server-Side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism. PoC 1 Define an app.js file with the programmatic API of nossrf as...