Preventing Server-Side Request Forgeries in Java
The application lets users specify a URL for their profile picture. It fetches the data from the URL and saves it on the server. However, the app is vulnerable to server-side request forgery (SSRF) – you can specify URLs like file:///etc/p…
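One way to vet the profile-picture URL before the server fetches it, as an added example rather than code from the original article: it allows only `http`/`https` and, going beyond the `file://` case above, also rejects hosts that resolve to internal addresses. The class name, method name and sample URLs are assumptions made for illustration.

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.Locale;
import java.util.Set;

// Hypothetical helper, not part of the application described in the article.
public class ProfilePictureUrlValidator {
    private static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https");

    /** Returns the parsed URI if it passes the checks, otherwise throws. */
    static URI validate(String userSuppliedUrl)
            throws URISyntaxException, UnknownHostException {
        URI uri = new URI(userSuppliedUrl);
        // Allow-list the scheme: file:, jar:, ftp: and scheme-less input all fail here.
        String scheme = uri.getScheme();
        if (scheme == null || !ALLOWED_SCHEMES.contains(scheme.toLowerCase(Locale.ROOT))) {
            throw new IllegalArgumentException("scheme not allowed: " + scheme);
        }
        // Require a plain host; user:password@host forms are refused outright.
        String host = uri.getHost();
        if (host == null || uri.getUserInfo() != null) {
            throw new IllegalArgumentException("missing host or userinfo present");
        }
        // Check every address the name resolves to, so a public-looking
        // hostname that points at an internal address is rejected as well.
        for (InetAddress addr : InetAddress.getAllByName(host)) {
            if (addr.isLoopbackAddress() || addr.isAnyLocalAddress()
                    || addr.isLinkLocalAddress() || addr.isSiteLocalAddress()
                    || addr.isMulticastAddress()) {
                throw new IllegalArgumentException("internal address: " + addr);
            }
        }
        return uri;
    }

    public static void main(String[] args) {
        // Constructed sample inputs; IP literals keep the run offline.
        String[] samples = { "file:///tmp/constructed-example", "http://127.0.0.1:8080/",
                "http://10.0.0.5/avatar.png", "http://203.0.113.10/avatar.png" };
        for (String s : samples) {
            try {
                System.out.println("OK      " + validate(s));
            } catch (Exception e) {
                System.out.println("REJECT  " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

This check runs before the fetch, so the fetch itself should not follow redirects automatically (for example `HttpURLConnection.setInstanceFollowRedirects(false)`), and each redirect target should be validated the same way. It also does not cover a hostname that resolves differently between validation and fetch, or IPv6 unique-local addresses.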