漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Nu Html Checker (validator.nu) - Restriction bypass vulnerability allowing local SSRF
Vulnerability Description
Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. While the validator implements hostname-based protections to block direct access to localhost and 127.0.0.1, these controls can be bypassed using DNS rebinding techniques or domains that resolve to loopback addresses.This issue affects The Nu Html Checker (vnu): latest (commit 23f090a11bab8d0d4e698f1ffc197a4fe226a9cd).
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
The Nu Html Checker 安全漏洞
Vulnerability Description
The Nu Html Checker是The Nu Html Checker (vnu)开源的一款用于验证HTML文档是否符合现代Web标准的工具。 The Nu Html Checker存在安全漏洞,该漏洞源于存在限制绕过,可能导致远程攻击者使服务器向内部资源发起任意HTTP/HTTPS请求。
CVSS Information
N/A
Vulnerability Type
N/A