The Ping() function in ui/api/target.go in Harbor up to and including 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linuxfoundation harbor 1.3.0 |
||
linuxfoundation harbor |