Share
## https://sploitus.com/exploit?id=E4F6B3FC-99DD-5638-BF22-1ED37F58D262
# CVE-2023-27163

>  Request-Baskets v1.2.1 - Server-side request forgery (SSRF)


request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.


## Installation

```
git clone https://github.com/0xFTW/CVE-2023-27163

cd CVE-2023-27163

pip3 install -r requirements.txt
```

## Usage

---
    python3 CVE-2023-27163.py url attack_server

Exploit Request Baskets Script

positional arguments:
> url            main path (/) of the server (eg. http://127.0.0.1:5000/)
  
> attack_server  ATTACK_SERVER

    options:
    -h, --help     show this help message and exit
---