PT-2026-23620 · Weknora · Weknora
Author: Aleister1102 · Published 2026-03-05 · Updated 2026-03-25
CVE-2026-30247
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: WeKnora versions prior to 0.2.12
Description: The application’s "Import document via URL" feature is susceptible to Server-Side Request Forgery (SSRF) through HTTP redirects. The backend implements comprehensive validation of the submitted URL, but it does not validate redirect targets, so an attacker can use a redirect chain to force the server to access internal services. Docker-specific internal addresses such as host.docker.internal are not blocked. The /api/v1/knowledge-bases/{id}/knowledge/url endpoint validates the initial URL but follows HTTP redirects without re-validating the destination. An attacker can therefore submit a URL on an attacker-controlled domain that responds with a 307 redirect to an internal service, enabling access to internal services and potential data exposure. The IsSSRFSafeURL() function validates the initial URL but does not validate HTTP redirect targets.
Recommendations: Versions prior to 0.2.12 should be updated to version 0.2.12 or later.
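A defender-side illustration of the missing check, added here and not taken from WeKnora's code: the same validation runs on the submitted URL and again on every redirect hop through http.Client.CheckRedirect, so a redirect to a loopback, private, link-local or Docker-internal destination is refused. The names RedirectTargetSafe, NewSafeClient and blockedHosts, the deny-list contents and the injected lookup parameter are assumptions for this example.

```go
package main

import (
	"errors"
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Names that alias the container host or loopback (constructed deny-list).
var blockedHosts = map[string]bool{"localhost": true, "host.docker.internal": true}

func isInternalIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified()
}

// RedirectTargetSafe validates one URL (submitted or redirect Location); lookup is injected for offline tests.
func RedirectTargetSafe(raw string, lookup func(string) ([]net.IP, error)) error {
	u, err := url.Parse(raw)
	if err != nil {
		return err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return errors.New("scheme not allowed: " + u.Scheme)
	}
	host := strings.ToLower(u.Hostname())
	if blockedHosts[host] || strings.HasSuffix(host, ".internal") {
		return errors.New("hostname blocked: " + host)
	}
	ips := []net.IP{}
	if ip := net.ParseIP(host); ip != nil {
		ips = append(ips, ip) // literal address: no DNS needed
	} else if ips, err = lookup(host); err != nil || len(ips) == 0 {
		return errors.New("cannot resolve host: " + host)
	}
	for _, ip := range ips { // every resolved address must be public
		if isInternalIP(ip) {
			return errors.New("internal address: " + ip.String())
		}
	}
	return nil
}

// NewSafeClient re-runs the check on every redirect hop, the step the advisory says was missing.
func NewSafeClient(lookup func(string) ([]net.IP, error)) *http.Client {
	return &http.Client{CheckRedirect: func(req *http.Request, via []*http.Request) error {
		return RedirectTargetSafe(req.URL.String(), lookup)
	}}
}
```

In production, pass net.LookupIP as lookup and call RedirectTargetSafe on the submitted URL before the first request as well. Checking resolved addresses at validation time does not by itself prevent a DNS answer from changing between the check and the connection, so a dialer-level address check is the stronger complement.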

Exploit · Fix · SSRF


Related Identifiers

CVE-2026-30247
GHSA-595M-WC8G-6QGC
GO-2026-4628
SUSE-SU-2026:1042-1

Affected Products

Weknora