SSRF leaking internal google cloud data through upload function [SSH Keys, etc..]
Critical
V
Vimeo
Submitted None
Team Summary
Official summary from Vimeo
Using our upload feature, the user was able to force an SSRF to occur.
Actions:
Reported by
dphoeniixx
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Server-Side Request Forgery (SSRF)