PodcastGenerator
cpe:2.3:a:podcastgenerator:podcast_generator:*:*:*:*:*:*:*
- 3.2.9
A blind server-side request forgery (SSRF) vulnerability has been identified in PodcastGenerator version 3.2.9. The vulnerability allows attackers to inject XML through the episode upload form by manipulating the 'shortdesc' parameter. When the episode is created, the injected XML is processed server-side and can cause the server to issue HTTP requests to arbitrary endpoints.
Exploitation of this vulnerability could lead to unauthorized external requests being made from the server, potentially allowing for further attacks or information disclosure.
To reproduce this vulnerability, upload a new podcast episode through the admin interface. In the 'Short Description' section, insert a payload that includes XML injection, specifically targeting the 'shortdesc' parameter. Once the episode is uploaded, the injected XML will cause the server to make a request to the specified endpoint, demonstrating the SSRF vulnerability.
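The root cause described above is untrusted form input being embedded in server-generated XML without escaping. The following is an added illustration, not PodcastGenerator's own code (which is PHP; Python is used here for portability), and it assumes the episode record is assembled by string concatenation: the unsafe builder lets a 'shortdesc' value containing markup become new elements, while the hardened builder and an input check keep it as text.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a short description that carries XML markup. A benign
# <note> element stands in for whatever the real payload would add.
INJECTED_SHORTDESC = "Great show</shortdesc><note>injected</note><shortdesc>"


def build_episode_xml_unsafe(title: str, shortdesc: str) -> str:
    """Assumed vulnerable pattern: user input interpolated straight into XML."""
    return f"<episode><title>{title}</title><shortdesc>{shortdesc}</shortdesc></episode>"


def build_episode_xml_safe(title: str, shortdesc: str) -> str:
    """Hardened pattern: build the tree and let the serializer escape text."""
    episode = ET.Element("episode")
    ET.SubElement(episode, "title").text = title
    ET.SubElement(episode, "shortdesc").text = shortdesc
    return ET.tostring(episode, encoding="unicode")


def count_elements(xml_text: str) -> int:
    """Number of elements in the generated document (root included)."""
    return sum(1 for _ in ET.fromstring(xml_text).iter())


def shortdesc_roundtrip(xml_text: str) -> str:
    """Text that a consumer of the XML actually reads back from <shortdesc>."""
    return ET.fromstring(xml_text).find("shortdesc").text or ""


def shortdesc_is_clean(value: str) -> bool:
    """Defence in depth for the upload form: a short description has no
    business containing markup or entity syntax, so reject it at validation
    time rather than relying on escaping alone."""
    return not any(ch in value for ch in "<>&")


if __name__ == "__main__":
    unsafe = build_episode_xml_unsafe("Ep 1", INJECTED_SHORTDESC)
    safe = build_episode_xml_safe("Ep 1", INJECTED_SHORTDESC)
    print("unsafe element count:", count_elements(unsafe))   # extra elements appear
    print("safe element count:  ", count_elements(safe))     # structure unchanged
    print("safe shortdesc text: ", shortdesc_roundtrip(safe))  # markup stays literal
    print("input accepted:", shortdesc_is_clean(INJECTED_SHORTDESC))
```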