PT-2024-25011 · Lobe Chat · Lobe Chat
Name of the Vulnerable Software and Affected Versions: Lobe Chat versions prior to 0.150.6 Description: The issue is related to an unauthorized Server-Side Request Forgery SSRF vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause SSRF without logging in,...