Key Information Vulnerability Overview Vulnerability Type: SSRF (Server-Side Request Forgery) Affected Versions: All versions Fixed Version: 1.1.0 Severity: High (CVSS v3.1: 7.5) Vulnerability Details Function: The endpoint uses LibreOffice's unoconv tool to convert files. Issue: An SSRF vulnerability exists during the file conversion process. Impact Risk: Attackers can exploit this vulnerability to perform server-side request forgery attacks, potentially leaking sensitive information or carrying out other malicious actions. PoC (Proof of Concept) References Understanding SSRF Principles and Risks Types of SSRF Attacks