SSRF with information disclosure
Medium
L
Lark Technologies
Submitted None
Team Summary
Official summary from Lark Technologies
A SSRF (server side request forgery) vulnerability was identified in the messenger endpoint of Lark Suite which could have exposed internal credentials used by the server. We thank @jin0ne for reporting this to our team.
Actions:
Reported by
jin0ne
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Server-Side Request Forgery (SSRF)