mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
439 B
439 B
SSRF 漏洞平台
{{#include ../../banners/hacktricks-training.md}}
检查 https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/
- SugarCRM ≤ 14.0.0 – LESS
@import注入在/rest/v10/css/preview中启用未经身份验证的 SSRF 和本地文件读取。
{{#ref}} ../less-code-injection-ssrf.md {{#endref}}
{{#include ../../banners/hacktricks-training.md}}