PT-2021-17398 · Friendica · Friendica

Parad0X-0Xff · Published 2021-02-18 · Updated 2021-02-26 · CVE-2021-27329

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Friendica version 2021.01

Description: The issue allows Server-Side Request Forgery (SSRF) via the binurl parameter of parse_url, which performs DNS lookups or HTTP requests to arbitrary domain names. This could potentially be exploited to access internal resources or make unauthorized requests.

Recommendations: For Friendica version 2021.01, consider restricting access to the parse_url function with the binurl parameter to minimize the risk of SSRF exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
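The recommendation above restricts who may call the parse-url function; a complementary control inside the code is to validate the target before any DNS lookup or HTTP request happens. The following Python helper is an added example and not Friendica's code (Friendica itself is PHP): it accepts only http/https URLs without embedded credentials, resolves the host once, rejects any answer that is not a globally routable address, and returns the resolved addresses so the caller can connect to exactly those rather than resolving the name a second time.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical helper (added example): decide whether a user-supplied URL,
# such as the value of a parse-url request parameter, may be fetched by the
# server. Returns (allowed, reason, resolved_ips).

ALLOWED_SCHEMES = {"http", "https"}


def _is_public(ip):
    # Loopback, RFC 1918 / ULA, link-local, unspecified, multicast and other
    # reserved ranges all report is_global == False; only routable targets pass.
    return ip.is_global and not ip.is_multicast


def resolve_host(host):
    # Resolve once and hand the answer back to the caller. Reusing these
    # addresses for the actual connection (pinning) stops a DNS answer from
    # changing between this check and the fetch (DNS rebinding).
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({ipaddress.ip_address(info[4][0]) for info in infos}, key=str)


def check_outbound_url(url):
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", []
    host = parts.hostname
    if not host:
        return False, "missing host", []
    if parts.username or parts.password:
        # user:pass@ forms are a classic way to confuse URL parsers; refuse them.
        return False, "credentials in URL", []
    try:
        ips = resolve_host(host)
    except socket.gaierror:
        return False, "unresolvable host", []
    resolved = [str(ip) for ip in ips]
    bad = [str(ip) for ip in ips if not _is_public(ip)]
    if bad:
        # One non-public answer is enough to refuse: a mixed A-record set is
        # another rebinding-style trick.
        return False, "non-public address: " + ", ".join(bad), resolved
    return True, "ok", resolved
```

The tests below use literal IP addresses so the check runs without network access; in production the same path handles host names.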

Exploit

SSRF

Weakness Enumeration

Related Identifiers

CVE-2021-27329

Affected Products

Friendica