Lucene search
Veracode Vulnerability DatabaseVERACODE:29468HistoryFeb 24, 2021 - 2:52 a.m.
Server-Side Request Forgery (SSRF)
2021-02-2402:52:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
rendertron vulnerability
ssrf
headless chrome access
internal domains
EPSS
0.001
Percentile
22.7%
rendertron is vulnerable to sever-side request forgery (SSRF). The vulnerability exists as it allows the headless chrome to access the internal domains, forcing the rendertron headless chrome process to render internal sites and display the response as a screenshot.
Related
cve
cve
CVE-2020-8902
2021-02-23 12:15:12
nodejs
nodejs
Server-Side Request Forgery
2021-03-01 19:42:28
cvelist
cvelist
CVE-2020-8902 SSRF in Rendertron
2021-02-23 12:00:16
prion
prion
Server side request forgery (ssrf)
2021-02-23 12:15:00
github
github
SSRF in Rendertron
2021-03-01 19:38:23
osv
osv
CVE-2020-8902
2021-02-23 12:15:12
SSRF in Rendertron
2021-03-01 19:38:23
nvd
nvd
CVE-2020-8902
2021-02-23 12:15:12