B
85/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
85/100
HIGH 1
Findings (1)
HIGH
Localhost bypass
L48 Detects alternative representations of localhost used to bypass SSRF filters
curl http://127.0.0.1: FIX
Prevent URL redirection from bypassing SSRF protections. Validate the final destination URL after following redirects and block redirect chains that resolve to internal addresses.
FP?
Likely FP if the match is documentation about redirect handling behavior without an actual open redirect vulnerability.