Exploit for Server-Side Request Forgery in Thoughtworks Gocd CVE-2021-44659

## https://sploitus.com/exploit?id=15DE40EC-EF61-51B6-871A-DD4CE2B8A693
# ..| CVE-2021-44659 |..

# Description :
<b>Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF) <br>
</b><br>
<h1>Tested Version :</h1>
<b>GoCD server 21.3.0 ( GitHub's latest version 07/12/2021 )
</b><br>
<h1>Attack Type: </h1>
<b>Remote
</b>
<br>
<h1>Impact :<br></h1>
<b>Server Side Request Forgery (SSRF)
</b><br>
<br>
<h1>YouTube POC :</h1>
 <code> https://youtu.be/WW_a3znugl0  </code><br><br>
<br>
<h1>Vendor of Product :</h1>
<code> https://www.gocd.org/ </code><br><br>
</b>
<h1>Discoverers :</h1>
<b>
Mesh3l_911 <br>
Twitter: <code> @mesh3l_911 </code>
<br>
</b>