Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nu Html Checker (validator.nu) - Restriction bypass vulnerability allowing local SSRF
Vulnerability Description
Nu Html Checker (validator.nu) contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. While the validator implements hostname-based protections to block direct access to localhost and 127.0.0.1, these controls can be bypassed using DNS rebinding techniques or domains that resolve to loopback addresses.This issue affects The Nu Html Checker (vnu): latest (commit 23f090a11bab8d0d4e698f1ffc197a4fe226a9cd).
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
The Nu Html Checker 安全漏洞
Vulnerability Description
The Nu Html Checker是The Nu Html Checker (vnu)开源的一款用于验证HTML文档是否符合现代Web标准的工具。 The Nu Html Checker存在安全漏洞,该漏洞源于存在限制绕过,可能导致远程攻击者使服务器向内部资源发起任意HTTP/HTTPS请求。
CVSS Information
N/A
Vulnerability Type
N/A