Impact
An authenticated Server‑Side Request Forgery (CWE‑918) exists in the custom scraper subsystem of Benjamin Jonard Koillection v1.8.0. By supplying a crafted URL, an attacker with valid credentials can force the server to send requests to arbitrary internal resources, potentially exposing sensitive data or providing a foothold for further attacks. The flaw allows external control over outbound requests, compromising confidentiality and integrity of internal services. The vulnerability requires authentication, so the attacker must first compromise or use a legitimate user account to trigger the SSRF. Once authenticated, the attacker can target any reachable service within the internal network as long as the server has connectivity. This flaw is a classic example of Server‑Side Request Forgery, where the server unintentionally becomes a proxy for arbitrary external or internal requests, giving the attacker indirect access to otherwise unreachable resources.
Affected Systems
The affected product is Benjamin Jonard Koillection version 1.8.0. No other vendors or products are listed in the current CVE entry.
Risk and Exploitability
The CVSS score of 8.1 indicates a high severity for authenticated attacks, while the EPSS score of less than 1% reflects very low observed exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to access the web application as an authenticated user, then supply a maliciously crafted URL to the scraper component. Because the exploit is limited to valid user accounts, the risk is mitigated compared to unauthenticated SSRF, but the potential impact on internal services remains significant.
OpenCVE Enrichment