ajinabraham.njsscan.ssrf.ssrf_wkhtmltopdf.wkhtmltopdf_ssrf

ajinabraham

Author

unknown

Download Count*

GPLv3

License

User controlled URL reached to wkhtmltopdf can result in Server Side Request Forgery (SSRF).

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: wkhtmltopdf_ssrf
    patterns:
      - pattern-inside: |
          require('wkhtmltopdf')
          ...
      - pattern-either:
          - pattern-inside: function ($REQ, $RES, ...) {...}
          - pattern-inside: function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: $X = function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: var $X = function $FUNC($REQ, $RES, ...) {...};
          - pattern-inside: $APP.$METHOD(..., function $FUNC($REQ, $RES, ...) {...})
      - pattern-either:
          - pattern: |
              $INP = <... $REQ.$VAR ...>;
              ...
              wkhtmltopdf(<... $INP ...>, ...)
          - pattern: |
              $INP = <... $REQ.$VAR.$FOO ...>;
              ...
              wkhtmltopdf(<... $INP ...>, ...)
          - pattern: |
              wkhtmltopdf(<... $REQ.$VAR ...>, ...)
          - pattern: |
              wkhtmltopdf(<... $REQ.$VAR.$FOO ...>, ...)
    message: User controlled URL reached to `wkhtmltopdf` can result in Server Side
      Request Forgery (SSRF).
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a1
      cwe: cwe-918
      license: LGPL-3.0-or-later
      vulnerability_class:
        - Other

Short Link: https://sg.run/RxEe