Share
## https://sploitus.com/exploit?id=5DA05E44-C757-5E93-8892-0A47F5A31F6F
# CVE-2023-27163 - Request Baskets SSRF 

Request Baskets SSRF PoC

![alt text](https://rvizx.github.io/CVE-2023-27163/img.png?raw=true)

Request Baskets versions <1.2.1 are vulnerable to Server Side Request Forgery (SSRF) attacks via the `/api/baskets/{name}` component.
 
# usage
```
git clone https://github.com/rvizx/CVE-2023-27163
cd CVE-2023-27163
chmod +x exploit.sh 
```

```
./exploit.sh <target_url> <attacker_url>
```

# notes

Credit to @beet1e from Shanghai Jiao Tong University and @chenlibo147 , @houqinsheng, 202037049@mail.sdu.edu.cn from Shandong University.
Article : https://notes.sjtu.edu.cn/s/MUUhEymt7#