Sn00Py.B0X

Name of the Vulnerable Software and Affected Versions: I, Librarian versions 4.8 and earlier Description: The issue concerns a SSRF vulnerability found in the `url` parameter of the `getFromWeb` function in functions.php. This vulnerability can be exploited to abuse server functionality, allowing an attacker to read or update internal resources. Recommendations: For versions 4.8 and earlier, consider restricting access to the `getFromWeb` function in functions.php to minimize the risk of exploitation. Avoid using the `url` parameter in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.