SSRF @ links.py

**SSRF** issue exists @ **links\.py** in branch **master**

The application sends a request to a remote server, for some resource, using get in /scripts/validate/links.py:167. However, an attacker can control the target of the request, by sending a URL or other data in argv at /scripts/validate/links.py:271.

**Namespace:** danielgerb
**Repository:** public-API
**Repository Url:** https://github.com/danielgerb/public-API
**CxAST\-Project:** danielgerb/public-API
**CxAST platform scan:** [1c36dc32\-6289\-4fa2\-949a\-3fd6c4cf5551](https://ast.checkmarx.net/projects/aeddc4e6-65dd-4495-b6f1-1ed435805a96/scans?id=1c36dc32-6289-4fa2-949a-3fd6c4cf5551&branch=master)
**Branch:** master
**Application:** public-API
**Severity:** MEDIUM
**State:** TO_VERIFY
**Status:** NEW
**CWE:** 918
**Lines:** [271](https://github.com/danielgerb/public-API/blob/master/scripts/validate/links.py#L271) 

----
**References**
[Read more](https://ast.checkmarx.net/results/1c36dc32-6289-4fa2-949a-3fd6c4cf5551/aeddc4e6-65dd-4495-b6f1-1ed435805a96/sast/description/918/5776908364364596990)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSRF @ links.py #2

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

SSRF @ links.py #2

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions