Friendica · Friendica · CVE-2021-27329
**Name of the Vulnerable Software and Affected Versions**
Friendica version 2021.01
**Description**
The issue allows for Server-Side Request Forgery (SSRF) via the `parse url` parameter with `binurl` for DNS lookups or HTTP requests to arbitrary domain names. This could potentially be exploited to access internal resources or make unauthorized requests.
**Recommendations**
For Friendica version 2021.01, consider restricting access to the `parse url` function with the `binurl` parameter to minimize the risk of SSRF exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.