[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":96,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":103,"vulnerability-29278":109,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":136},[4,15,20,27,34,41,46,53,59,66,71,78,83,90],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting","compliance-advanced-pentest-reporting","Prove your compliance. Get built-in validation with audit-ready reports.","https://pentest-tools.com/pricing",false,[11],"/features/advanced-pentest-reporting","Unlock audit-ready reports","primary",null,{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"Compliance - Advanced Pentest Reporting (A-B test)","compliance-advanced-pentest-reporting-1","Stop piecing together reports manually. Upgrade today to unlock instant proof for audits.",[11],{"title":21,"slug":22,"text":23,"link":8,"external":9,"targets":24,"cta":26,"variant":13,"campaign_id":14},"Compliance - Integrations","compliance-integrations","Disconnected tools hide compliance breaches. Stay audit-ready 24/7 with the right integrations.",[25],"/features/integrations","Automate your compliance",{"title":28,"slug":29,"text":30,"link":8,"external":9,"targets":31,"cta":32,"variant":33,"campaign_id":14},"Compliance - Integrations (A-B test)","compliance-integrations-1","Disconnected tools will fail your next audit. Unlock the integrations needed for compliance.",[25],"Connect your stack","secondary",{"title":35,"slug":36,"text":37,"link":8,"external":9,"targets":38,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier","compliance-ml-classifier","Put compliance on Auto this year with 50% fewer FPs. Go deeper with the WebNetSec plan.",[39],"/features/machine-learning-classifier","Explore WebNetSec",{"title":42,"slug":43,"text":44,"link":8,"external":9,"targets":45,"cta":40,"variant":13,"campaign_id":14},"Compliance - ML Classifier (A-B test)","compliance-ml-classifier-1","Ghost vulnerabilities drain time and chip your compliance. Upgrade to WebNetSec to stay audit-ready with 50% fewer FPs.",[39],{"title":47,"slug":48,"text":49,"link":8,"external":9,"targets":50,"cta":52,"variant":13,"campaign_id":14},"Compliance - Network Scanner","compliance-network-scanner","Map your attack surface and prove infrastructure compliance with the Network Scanner. Available with any plan.",[51],"/network-vulnerability-scanning/network-security-scanner-online","Upgrade your plan",{"title":54,"slug":55,"text":56,"link":8,"external":9,"targets":57,"cta":58,"variant":13,"campaign_id":14},"Compliance - Network Scanner (A-B test)","compliance-network-scanner-1","Unmapped assets are compliance landmines - upgrade your plan with complete attack surface visibility.",[51],"Get deep network scans",{"title":60,"slug":61,"text":62,"link":8,"external":9,"targets":63,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots","compliance-pentest-robots","Put compliance on Auto with Pentest Robots. Available with any plan.",[64],"/features/pentest-robots","Automate continuous scans",{"title":67,"slug":68,"text":69,"link":8,"external":9,"targets":70,"cta":65,"variant":13,"campaign_id":14},"Compliance - Pentest Robots (A-B test)","compliance-pentest-robots-1","Don’t leave compliance to chance - deploy Pentest Robots to quickly automate your audit readiness.",[64],{"title":72,"slug":73,"text":74,"link":8,"external":9,"targets":75,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter","compliance-sniper-auto-exploiter","Get audit-ready proof and put compliance on Auto with our proprietary Sniper: Auto-exploiter. Available with Pentest Suite.",[76],"/exploit-helpers/sniper","Get proof with Pentest Suite",{"title":79,"slug":80,"text":81,"link":8,"external":9,"targets":82,"cta":77,"variant":13,"campaign_id":14},"Compliance - Sniper: Auto-Exploiter (A-B test)","compliance-sniper-auto-exploiter-1","Deliver audit-ready proof instantly and stay compliant 24/7/365 - only with Sniper: Auto-Exploiter. Available with Pentest Suite.",[76],{"title":84,"slug":85,"text":86,"link":8,"external":9,"targets":87,"cta":89,"variant":13,"campaign_id":14},"Compliance - Website Scanner","compliance-website-scanner","Prove real risk instantly and put compliance on Auto with the Website Scanner. Available with the WebNetSec plan.",[88],"/website-vulnerability-scanning/website-scanner","Unlock AppSec compliance",{"title":91,"slug":92,"text":93,"link":8,"external":9,"targets":94,"cta":95,"variant":13,"campaign_id":14},"Compliance - Website Scanner (A-B test)","compliance-website-scanner-1","Web vulnerabilities let in devastating compliance fines. Stay audit-ready with deep, proprietary scans. Available with the WebNetSec plan.",[88],"Upgrade to WebNetSec",["Island",97],{"key":98,"params":99,"result":101},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":100},"{}",{"head":102},{},["Island",104],{"key":105,"params":106,"result":107},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":100},{"head":108},{},{"id":110,"detectable_with":111,"vuln_details":118,"vuln_id":133,"name":134,"published":135,"updated":14},29278,{"tool":112,"engine":115},{"id":113,"name":114},1,"Network Scanner",{"id":116,"name":117},2,"Nuclei",{"id":110,"codename":14,"description":14,"severity":119,"risk_description":120,"public_description":121,"public_recommendation":122,"recommendation":14,"references":123,"cvssv3":127,"epss_score":128,"epss_percentile":129,"cve":130,"in_cisa_catalog":9,"date":132,"software_type":14,"vendor":14,"product":14,"ptt_exploit_capabilities":14},"high","Full-read SSRF allowing access to internal services, cloud metadata endpoints (AWS/GCP/Azure IMDS), environment files, and any host reachable from the server.","Astro before 5.17.3 and @astrojs/node before 9.5.4 are vulnerable to full-read SSRF due to improper Host header validation in error page rendering, allowing attackers to redirect requests and access internal resources.","Upgrade to astro >= 5.17.3 or @astrojs/node >= 9.5.4. The fix reads prerendered error files directly from disk and validates the Host: header the same way X-Forwarded-Host was already validated.",[124,125,126],"https://github.com/withastro/astro/security/advisories/GHSA-qq67-mvv5-fw3g","https://github.com/withastro/astro/pull/15473","https://nvd.nist.gov/vuln/detail/CVE-2026-25545",8.6,0.05246,0.90033,[131],"CVE-2026-25545","2026-02-24T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-25545","Astro SSR - Server-Side Request Forgery","2026-05-07T00:00:00Z",["Island",137],{"key":138,"params":139,"result":141},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":140},"{\"text-color\":\"gray\"}",{"head":142},{}]