Bram Wiepjes

Name of the Vulnerable Software and Affected Versions: Baserow versions prior to 1.1.0 Description: The issue allows remote authenticated users to retrieve files from the internal server network exposed over HTTP by inserting an internal address in the URL file upload. This is due to a Server-Side Request Forgery (SSRF) in Baserow. Recommendations: For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the file upload feature to minimize the risk of exploitation.