GHSA-9F46-W24H-69W4 new-api is vulnerable to SSRF Bypass
Summary A recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applies security restrictions to the first URL request, a 302 redirect can bypass existing security measures and successful...