Open swift-ci opened 6 years ago
Issue Description:
Hi,
This message is for your Security Team.
I've found an SSRF vulnerability in your company website.
Fix it as soon as possible.
*************************************
PoC: https://bugs.swift.org/plugins/servlet/oauth/users/icon-uri?consumerUri=http://google.com
Reference: https://www.owasp.org/index.php/Server_Side_Request_Forgery
Mohamed Haron
Security Researcher
Bug Bounty Hunter
Thank you for the report!
Additional Detail from JIRA
| | |
|------------------|-----------------|
|Votes | 0 |
|Component/s | |
|Labels | Bug |
|Assignee | None |
|Priority | Medium |

md5: 593676d92ad21ebb001e6848e7c52f36