Ki9Mu

**Name of the Vulnerable Software and Affected Versions** Dify version 1.6.0 **Description** The software contains a Server-Side Request Forgery (SSRF) issue. This occurs due to improper validation within the `controllers.console.remote files.RemoteFileUploadApi` component. An attacker could potentially leverage this to make requests on behalf of the server, potentially accessing internal resources or performing unauthorized actions. **Recommendations** Update to a newer version that contains a fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.