Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Payload has Server-Side Request Forgery (SSRF) in External File URL Uploads
Vulnerability Description
Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an authenticated attacker to access internal network resources. The Payload environment must have at least one collection with `upload` enabled and a user who has `create` access to that upload-enabled collection in order to be vulnerable. An authenticated user with upload collection write permissions could potentially access internal services. Response content from internal services could be retrieved through the application. This vulnerability has been patched in v3.75.0. As a workaround, one may mitigate this vulnerability by disabling external file uploads via the `disableExternalFile` upload collection option, or by restricting `create` access on upload-enabled collections to trusted users only.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Payload CMS 代码问题漏洞
Vulnerability Description
Payload CMS是Payload开源的一个内容管理系统。 Payload CMS 3.75.0之前版本存在代码问题漏洞,该漏洞源于外部文件上传功能中对HTTP重定向的验证不足,可能导致服务端请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A