speakturbo-tts

clawhub:speakturbo-tts

View source

84/100

First Seen

Feb 20, 2026

Last Scanned

Feb 22, 2026

Findings

Score

84/100

MEDIUM 2

Findings (2)

MEDIUM

Localhost bypass SSRF_006

ssrf-cloud L124

Detects alternative representations of localhost used to bypass SSRF filters

curl http://127.0.0.1:

FIX

Prevent URL redirection from bypassing SSRF protections. Validate the final destination URL after following redirects and block redirect chains that resolve to internal addresses.

FP?

Likely FP if the match is documentation about redirect handling behavior without an actual open redirect vulnerability.

MEDIUM

Localhost bypass SSRF_006

ssrf-cloud L152

Detects alternative representations of localhost used to bypass SSRF filters

curl http://127.0.0.1:

FIX

Prevent URL redirection from bypassing SSRF protections. Validate the final destination URL after following redirects and block redirect chains that resolve to internal addresses.

FP?

Likely FP if the match is documentation about redirect handling behavior without an actual open redirect vulnerability.