FILTER_VALIDATE_URL bypass in PHP 8

Reported a bypass of FILTER_VALIDATE_URL filter in PHP 8 that can lead to SSRF by escaping the URL validations in any PHP target which depend on FILTER_VALIDATE_URL.
  • Posted on: 2021-07-16 22:03
  • Reading Time: 0 min
  • Share on:
    Y Combinator
    Reddit
    Mastodon

References