Server-Side Request Forgery (SSRF) in kalcaddle/KodExplorer

Reported on May 20th 2021

✍️ Description

I have confirmed an SSRF vulnerability that can be used to perform unauthorized actions or access data within the organization that is using this product.

🕵️‍♂️ Proof of Concept

  1. Start a listener on localhost port 5000 that logs incoming HTTP requests (for example `nc -l 5000` or a minimal HTTP server)
  2. Set up KodExplorer locally
  3. Request http://<kodexplorer Host>/index.php?app/getUrlTitle&url=localhost:5000
  4. The listener logs a GET request: the request originates from the KodExplorer server, not from your browser, which confirms the server-side fetch of an attacker-supplied URL