PT-2025-42614 · Illia Cloud · Illia-Builder

Published: 2025-10-17 · Updated: 2025-10-22 · CVE-2025-60279

CVSS v3.1: 9.6 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Illia Cloud illia-Builder versions prior to 4.8.5

Description

A server-side request forgery (SSRF) flaw exists in Illia Cloud illia-Builder, allowing authenticated users to send arbitrary requests to internal services through the API. An attacker can use this to identify open ports based on response differences and interact with internal services. The issue stems from insufficient validation or sanitization of user-provided input, enabling manipulation of server requests.

Recommendations

Update Illia Cloud illia-Builder to version 4.8.5 or later.

Exploit

Fix

SSRF

Weakness Enumeration

Related identifiers

CVE-2025-60279

Affected products

Illia-Builder