b33t1e/CVE-2023-27163

## CVE-2023-27163
[description]
request-baskets up to v1.2.1 was discovered to contain a Server-Side
Request Forgery (SSRF) via the component /api/baskets/{name}. This
vulnerability allows attackers to access network resources and
sensitive information via a crafted API request.
>
------------------------------------------
>
[VulnerabilityType Other]
Server-Side Request Forgery (SSRF)
>
------------------------------------------
>
[Vendor of Product]
https://github.com/darklynx/request-baskets
>
------------------------------------------
>
[Affected Product Code Base]
request-baskets - <= Version 1.2.1
>
------------------------------------------
>
[Affected Component]
The API endpoints /api/baskets/{name}, /baskets/{name} are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the forward_url parameter.
>
------------------------------------------
>
[Attack Type]
Remote
>
------------------------------------------
>
[Impact Escalation of Privileges]
true
>
------------------------------------------
>
[Impact Information Disclosure]
true
>
------------------------------------------
>
[Attack Vectors]
POC: POST /api/baskets/{name} API with payload - {"forward_url": "http://127.0.0.1:80/test","proxy_response": false,"insecure_tls": false,"expand_path": true,"capacity": 250}
details can be seen: https://notes.sjtu.edu.cn/s/MUUhEymt7
>
------------------------------------------
>
[Discoverer]
beet1e
>
------------------------------------------
>
[Reference]
http://request-baskets.com
https://github.com/darklynx/request-baskets
https://notes.sjtu.edu.cn/s/MUUhEymt7
	[description]
	request-baskets up to v1.2.1 was discovered to contain a Server-Side
	Request Forgery (SSRF) via the component /api/baskets/{name}. This
	vulnerability allows attackers to access network resources and
	sensitive information via a crafted API request.
	>
	------------------------------------------
	>
	[VulnerabilityType Other]
	Server-Side Request Forgery (SSRF)
	>
	------------------------------------------
	>
	[Vendor of Product]
	https://github.com/darklynx/request-baskets
	>
	------------------------------------------
	>
	[Affected Product Code Base]
	request-baskets - <= Version 1.2.1
	>
	------------------------------------------
	>
	[Affected Component]
	The API endpoints /api/baskets/{name}, /baskets/{name} are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the forward_url parameter.
	>
	------------------------------------------
	>
	[Attack Type]
	Remote
	>
	------------------------------------------
	>
	[Impact Escalation of Privileges]
	true
	>
	------------------------------------------
	>
	[Impact Information Disclosure]
	true
	>
	------------------------------------------
	>
	[Attack Vectors]
	POC: POST /api/baskets/{name} API with payload - {"forward_url": "http://127.0.0.1:80/test","proxy_response": false,"insecure_tls": false,"expand_path": true,"capacity": 250}
	details can be seen: https://notes.sjtu.edu.cn/s/MUUhEymt7
	>
	------------------------------------------
	>
	[Discoverer]
	beet1e
	>
	------------------------------------------
	>
	[Reference]
	http://request-baskets.com
	https://github.com/darklynx/request-baskets
	https://notes.sjtu.edu.cn/s/MUUhEymt7