May 20th 2021
I have confirmed an SSRF vulnerability that can be used to perform unauthorized actions or access data within the organization that is using this product.
🕵️‍♂️ Proof of Concept
- Start a listener on port 5000 on localhost
- Set up kodexplorer locally
- http://<kodexplorer Host>/index.php?app/getUrlTitle&url=localhost:5000
- You will see a GET request in the listener's logs
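The root cause of this class of bug is a server-side fetch that accepts any user-supplied URL. The following is an added example of the guard a defender would put in front of such a fetch; it is not kodexplorer code and does not reproduce its `getUrlTitle` implementation. It assumes the fetcher can be given a validated target, and it uses a constructed name-to-address table (`FAKE_DNS`, with hypothetical hosts and addresses) so the example runs offline; `dns_resolve` is the real resolver you would plug in. Note the edge case from the report: `urlsplit("localhost:5000")` parses `localhost` as the scheme, so a naive hostname check sees no host at all.

```python
"""Guard for server-side URL fetches such as a "fetch page title" feature.

Added example (not kodexplorer's code). Rejects targets that resolve to
loopback, private, link-local or other non-public addresses, and handles
the scheme-less form used in the report ("localhost:5000").
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed name -> address table so the example runs without DNS.
# Hostnames and addresses here are hypothetical.
FAKE_DNS = {
    "localhost": ["127.0.0.1", "::1"],
    "example.com": ["93.184.216.34"],          # stands in for a public site
    "intranet.corp": ["10.0.0.5"],             # constructed internal host
    "mixed.test": ["93.184.216.34", "10.0.0.5"],  # one public, one internal answer
}


def fake_resolve(host):
    """Resolver stub: returns the constructed answers, or [] if unknown."""
    return FAKE_DNS.get(host.lower(), [])


def dns_resolve(host):
    """Real resolver for production use: every A/AAAA answer for the host."""
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_public(addr):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr)
    return not (ip.is_loopback or ip.is_private or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_fetch_target(url, resolve=fake_resolve):
    """Return (allowed, reason). `resolve` maps a hostname to its addresses.

    Every address the name resolves to must be public; a mixed answer is
    rejected, because the fetcher might connect to the internal one.
    """
    # urlsplit("localhost:5000") yields scheme="localhost" and no host,
    # so force a scheme before parsing.
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname  # lower-cased, brackets stripped from IPv6 literals
    if not host:
        return False, "no host in URL"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # IP literal, no lookup
    except ValueError:
        addrs = resolve(host)
    if not addrs:
        return False, f"{host!r} does not resolve"
    for addr in addrs:
        if not is_public(addr):
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("localhost:5000", "http://127.0.0.1:5000/",
                      "http://[::1]:5000/", "http://intranet.corp/",
                      "file:///etc/hostname", "http://example.com/"):
        allowed, reason = check_fetch_target(candidate)
        print(f"{'ALLOW' if allowed else 'DENY ':5} {candidate:28} {reason}")
```

Two caveats for real use: the fetcher should connect to the address this check approved rather than resolving the name a second time (otherwise a name whose answer changes between check and connect slips through), and any HTTP redirect must be run through `check_fetch_target` again before it is followed.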