# Piattaforme Vulnerabili a SSRF

{{#include ../../banners/hacktricks-training.md}}

Controlla **[https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/](https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/)**

- SugarCRM ≤ 14.0.0 – LESS `@import` injection in `/rest/v10/css/preview` consente SSRF non autenticato e lettura di file locali.

{{#ref}}
../less-code-injection-ssrf.md
{{#endref}}

{{#include ../../banners/hacktricks-training.md}}