To have a significant impact SSRF needs to be combined with a second worse vulne... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		CodesInChaos 38 days ago \| parent \| context \| favorite \| on: CVEs affecting the Svelte ecosystem To have a significant impact SSRF needs to be combined with a second worse vulnerability: An endpoint that trusts unauthenticated requests just because they come from within the local network. Sadly several popular clouds have such a vulnerability out of the box (metadata endpoint).

staticassertion 38 days ago [–]

Yeah, that's less of a "vulnerability" and more of how I expect 99% of companies to handle authentication within a network (sadly).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact