ilikeoyt changed the title from "Jpress has a SSRF Vul" to "Jpress has a SSRF Vulnerability" on Sep 4, 2024
Download the latest version and start it locally
Replication process:
Log in to the backend and create a new data source.
Select dynamic data source and add the IP of dnslog.
After submitting, you can get the id from the queryDatasources route.
Then use the queryOptions route to trigger the SSRF.
Code Analysis:
Come to src/main/jsrf
src/main/java/io/jpress/module/form/controller/admin/_FormDatasourceController.java file
The queryDatasources route corresponds to the method that can be used to query the IDs.
If the data is dynamic, the method corresponding to the queryOptions route calls the proxy.start method.
Finally, the doSendRequest method is called to trigger the SSRF.
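
A check that could run on a dynamic data source URL before the server-side request described above is sent. This is an added example, not part of the original report and not JPress code or the project's fix; the class `DatasourceUrlGuard`, its methods and the sample URLs are hypothetical and constructed for illustration.

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;

/** Hypothetical helper, not JPress code: vets a data source URL before any server-side fetch. */
public final class DatasourceUrlGuard {

    /** Returns the vetted addresses for the host, or throws if the URL must not be fetched. */
    public static InetAddress[] vet(String rawUrl) throws UnknownHostException {
        URI uri = URI.create(rawUrl.trim()); // IllegalArgumentException on malformed input
        String scheme = uri.getScheme();
        if (scheme == null || !(scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https"))) {
            throw new IllegalArgumentException("only http/https data sources are allowed");
        }
        String host = uri.getHost();
        if (host == null || uri.getUserInfo() != null) {
            throw new IllegalArgumentException("missing host or embedded credentials");
        }
        // Resolve once and check every answer: one name can map to several addresses.
        InetAddress[] addrs = InetAddress.getAllByName(host);
        for (InetAddress a : addrs) {
            if (isInternal(a)) {
                throw new IllegalArgumentException("resolves to an internal address: " + a);
            }
        }
        return addrs;
    }

    static boolean isInternal(InetAddress a) {
        if (a.isAnyLocalAddress() || a.isLoopbackAddress() || a.isLinkLocalAddress()
                || a.isSiteLocalAddress() || a.isMulticastAddress()) {
            return true;
        }
        byte[] b = a.getAddress();
        // IPv6 unique local fc00::/7 is not covered by isSiteLocalAddress().
        if (b.length == 16 && (b[0] & 0xfe) == 0xfc) return true;
        // IPv4 shared address space 100.64.0.0/10.
        return b.length == 4 && (b[0] & 0xff) == 100 && (b[1] & 0xc0) == 0x40;
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: IP literals and a non-http scheme, so no DNS lookup is made.
        String[] samples = {"http://127.0.0.1:8080/x", "http://169.254.10.10/",
                "ftp://198.51.100.7/x", "http://[fc00::1]/", "http://10.1.2.3/"};
        for (String s : samples) {
            try { vet(s); System.out.println("ALLOW " + s); }
            catch (IllegalArgumentException e) { System.out.println("BLOCK " + s + ": " + e.getMessage()); }
        }
    }
}
```

The HTTP client should connect to the returned addresses rather than resolving the name again, and any redirect target needs the same check; otherwise a second DNS answer or a 3xx response can route around it.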