Open 0xzer0 opened 4 years ago
The problem exists in the "FileController.java",You can see that there is no filtering in the code: The code use "HttpURLConnection" to connection the URL directly.
And this leads to a SSRF. The port is open:
The port is closed:
The problem exists in the "FileController.java",You can see that there is no filtering in the code:
The code use "HttpURLConnection" to connection the URL directly.
And this leads to a SSRF. The port is open:
The port is closed: