Ok. So you’ve found a feature on a web application that fetches external resources. You’re able to pull content from all sorts of external sites and there doesn’t seem to be any restrictions on the file type that you can request… The application displays everything right back at you. Everything on this endpoint is screaming at you, that it is ripe for SSRF! So you start…
