github.com/thecodingmachine/gotenberg is vulnerable to Server Side Request Forgery (SSRF). An attacker is able to send malicious requests on behalf of the application via the /convert/html
endpoint when the src attribute of an HTML element refers to an internal system file, such as .
CPE | Name | Operator | Version |
---|---|---|---|
github.com/thecodingmachine/gotenberg | le | 6.3.1 |