Misp Modules
Monthly
Server-Side Request Forgery bypass in the html_to_markdown expansion module of misp-modules lets an authenticated attacker reach internal, loopback, and link-local services that the module's IP range filtering was meant to block. By supplying an IPv4-mapped IPv6 address such as http://[::ffff:169.254.169.254]/ (or a hostname resolving to one), the attacker defeats the blocked-range checks and can pull back internal content — including cloud instance metadata — rendered back to them as Markdown. No public exploit identified at time of analysis and it is not in CISA KEV, but the underlying IPv4-mapped-IPv6 filter bypass is a well-understood, easily reproduced technique.
Server-Side Request Forgery bypass in the html_to_markdown expansion module of misp-modules lets an authenticated attacker reach internal, loopback, and link-local services that the module's IP range filtering was meant to block. By supplying an IPv4-mapped IPv6 address such as http://[::ffff:169.254.169.254]/ (or a hostname resolving to one), the attacker defeats the blocked-range checks and can pull back internal content — including cloud instance metadata — rendered back to them as Markdown. No public exploit identified at time of analysis and it is not in CISA KEV, but the underlying IPv4-mapped-IPv6 filter bypass is a well-understood, easily reproduced technique.