Description

Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are to upgrade your rendertron to version 3.0.0, or, if you cannot update, to secure the infrastructure to limit the headless chrome's access to your internal domain.

Remediation

References

https://github.com/GoogleChrome/rendertron/releases/tag/3.0.0

Related Vulnerabilities

CVE-2020-28360 Vulnerability in npm package private-ip

CVE-2020-28168 Vulnerability in npm package axios

CVE-2022-42890 Vulnerability in maven package org.apache.xmlgraphics:batik-script

CVE-2020-1925 Vulnerability in maven package org.apache.olingo:odata-client-core

CVE-2020-21122 Vulnerability in maven package com.bstek.ureport:ureport2-console

Severity

Medium

Classification

CWE-918 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N