Vulnerable scenario: when your app lets a user supply a URL that is then passed to curl (or fetch, etc.), the user can potentially read a file on your server with:
curl file:///etc/passwd
To protect against this, check the URL scheme and do not accept URLs that start with file://.
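One way to implement the scheme check, as an added example that is not code from the original post. It goes a step further than blocking file:// by allowing only http and https; the function names and the sample inputs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the app only needs to fetch web pages.
ALLOWED_SCHEMES = {"http", "https"}


def is_fetchable_url(url):
    """Return True only for an absolute http(s) URL that names a host."""
    if not isinstance(url, str):
        return False
    # Reject whitespace and control characters outright: URL parsers differ on
    # whether they strip them, so " file:///etc/passwd" must not slip through.
    if any(ch.isspace() or ord(ch) < 0x20 or ord(ch) == 0x7F for ch in url):
        return False
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    # urlsplit lowercases the scheme, so "FILE://" is handled like "file://".
    # An empty scheme (a bare path such as "/etc/passwd") is rejected as well.
    if parts.scheme not in ALLOWED_SCHEMES:
        return False
    # "http:///etc/passwd" has a permitted scheme but no host: reject it.
    return bool(host)


def build_curl_argv(url):
    """Return the argv list for curl, or raise ValueError for a rejected URL."""
    if not is_fetchable_url(url):
        raise ValueError("URL scheme not allowed")
    # --proto / --proto-redir make curl itself enforce the same allowlist,
    # and "--" stops the URL from ever being parsed as an option.
    return ["curl", "--proto", "=http,https", "--proto-redir", "=http,https",
            "--", url]


# Constructed sample inputs (not from the original post).
SAMPLES = ["https://example.com/a", "file:///etc/passwd", "FILE:///etc/passwd",
           " file:///etc/passwd", "/etc/passwd", "http:///etc/passwd"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", "allow" if is_fetchable_url(s) else "reject")
```

Pass the returned list to the process API as an argument vector rather than joining it into a shell string, so the URL is never interpreted by a shell.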