VitaraCharts Server-Side Request Forgery Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability has been identified in VitaraCharts version 5.3.5. The issue resides in the fileLoader.jsp endpoint, allowing attackers to send arbitrary HTTP requests using the file query parameter and read the full responses. This vulnerability could be exploited to access internal resources and bypass access controls.

Impact

Exploitation of this vulnerability allows for unauthorized access to internal resources by sending requests to arbitrary URLs and reading the responses. This could also be used to perform port scanning on internal hosts by comparing HTTP responses from different ports.

Reproduction

To reproduce this vulnerability, send a GET request to the fileLoader.jsp endpoint with a crafted file parameter that includes an absolute URL to a target resource. The response from the requested URL will be returned, demonstrating control over the file parameter and the ability to access internal resources.