-
```
tests/samples/flask_request.py
❯❯❱ python.django.security.injection.ssrf.ssrf-injection-requests.ssrf-injection-requests
Data from request object is passed to a new server-side…
-
XmlDocument load is vulnerable to XXE attacks (XML external entity injection).
It can allow someone to perform SSRF attacks and read local files by sending an AMF request with XML data.
Here is some m…
-
-
### What happened?
I added several podcasts, and most of them worked just fine, except a couple, such as `D&D is for Nerds` or `Radiolab`.
### What did you expect to happen?
I would like to be able…
-
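Hello,
I am a staff member of the 360 CodeSafe (360代码卫士) team. We found a server-side request forgery (SSRF) vulnerability in the lemon project; the details are as follows.
The CdnController.java file receives the url parameter from the HTTP request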
![default](https://user-images.githubusercontent.com/39950310/46716441-9c0c1b80-cc96-11e8-9ba7-3f3b851…
-
### Self Checks
- [X] This is only for bug report, if you would like to ask a question, please head to [Discussions](https://github.com/langgenius/dify/discussions/categories/general).
- [X] I hav…
-
### Gogs version
v0.12.9
### Git version
- Server: 2.24.1
- Client: 2.24.1
### Operating system
MacOS 10.15.4
### Database
SQLite3
### Describe the bug
in changelog of 0.12.9, https://…
-
# Summary
An SSRF (Server-Side Request Forgery) vulnerability was identified in the LyLme_spage version 1.9.5. This vulnerability allows internal network requests to be initiated and sensitive inform…
-
Hi!
The supplied proxies:
- https://github.com/greenido/backbone-bira/blob/master/test-page/prox.php
- https://github.com/greenido/backbone-bira/blob/master/test-page/proxy.php
- https://githu…
-
Client function `CheckRedirect` is used to protect against some forms of Server-side request forgery (SSRF) / Cross-site request forgery (CSRF) attacks. It would be, however, more convenient to have s…