# CVE-2023-27163
This is a PoC for [CVE-2023-27163]( which is a SSRF vulnerability present in [request-baskets]( upto `v1.2.1`. 
This vulnerability allows attackers to access sensitive network resources via `/api/baskets/{name}`. 
The request-baskets contains a functionality where a user can specify another server to forward the requests. 

The issue here is that the user can also specify unintended services, such as network-closed internal applications.

## Usage
$ python3 --help
Usage: python3 <URL> <TARGET>

URL		main path (/) of the server (eg. http://node-app:55555)
TARGET		r-baskets target server (eg.

## References
- [](
- [](
- [](
- [](