The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.

Skip to content

*   Penetration Testing
*   Prism
*   Why Prism?
*   Partners
    *   Service Provider Partners
    *   Penetration Testing Partners
*   Resources
    *   Tech Talks
    *   Blog
    *   Our Customers

*   Penetration Testing
*   Prism
*   Why Prism?
*   Partners
    *   Service Provider Partners
    *   Penetration Testing Partners
*   Resources
    *   Tech Talks
    *   Blog
    *   Our Customers

**Rootshell Discovered a Critical Vulnerability in Top WordPress Theme**

Rootshell Discovered a Critical Vulnerability in Top WordPress Theme

The Rootshell team discovered a critical vulnerability within Avada, the number one best-selling theme on WordPress.

Rootshell Security Consultant, Calum Elrick, identified a Server-Side Request Forgery (SSRF) issue by manipulating a parameter in the theme’s prebuilt contact form builders.

SSRF is a vulnerability that allows threat actors to create requests from the vulnerable server and access private IP addresses on the server’s local network.

This enables threat actors to target internal systems behind firewalls that are normally inaccessible, as well as access services from the same server that is listening on the loopback interface.

In summary, Server-Side Request Forgery attacks make it possible to:

*   Scan and attack systems from the internal network that are not normally accessible
*   Enumerate and attack services that are running on these hosts
*   Exploit host-based authentication services

On discovery of the issue, the Rootshell team quickly took action, and responsibly disclosed the vulnerability to Theme Fusion, the creators of Avada.

Theme Fusion addressed the issue promptly, and a patch has now been added in versions 7.6.2 (security update) and 7.7.

More details, including proof-of-concept code, will be available on our blog soon.

**This vulnerability affects Avada version 7.6.1 and below. We advise Avada users to update their version to the latest patch,** **available here****.**

**Share This Story, Choose Your Platform!**

**Related Posts**

*   Penetration Testing as a Service
*   Web Application Penetration Testing
*   Cloud Penetration Testing
*   Mobile Application Testing
*   Red Team as a Service
*   Cyber Threat Intelligence
*   Managed Vulnerability Scanning
*   Phishing Assessments

*   Prism Platform
*   Prism Plus+
*   Prism Features
*   Request a Demo

*   Tech Talks
*   Blog
*   Our Customers

*   Service Provider Partners
*   Penetration Testing Partners
*   About Us
*   Accreditations
*   Careers

© Copyright 2022 | Rootshell Security

Page load link

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies.

**Privacy Overview**

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie

Duration

Description

cookielawinfo-checkbox-analytics

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".

cookielawinfo-checkbox-functional

11 months

The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".

cookielawinfo-checkbox-necessary

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".

cookielawinfo-checkbox-others

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.

cookielawinfo-checkbox-performance

11 months

This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".

viewed\_cookie\_policy

11 months

The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

CVE-2022-1386: Rootshell Discovered a Critical Vulnerability in Top WordPress Theme

The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated users, such as subscriber to perform blind SSRF attacks

CVE-2022-1398

SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses

Permalink

Browse files

Adds isLinkLocalAddress() to address checks

*   Loading branch information

1 parent 4deecee commit cf5c78aa0f3127fb10053db55b39f3017a0654ae

Showing with **1 addition** and **0 deletions**.

1.  +1 −0 src/main/java/com/mxgraph/online/ProxyServlet.java

@@ -254,6 +254,7 @@ public boolean checkUrlParameter(String url)

return (protocol.equals("http") || protocol.equals("https"))

&& !address.isAnyLocalAddress()

&& !address.isLoopbackAddress()

&& !address.isLinkLocalAddress()

&& !host.endsWith(".internal") // Redundant

&& !host.endsWith(".local") // Redundant

&& !host.contains("localhost") // Redundant

**0 comments on commit cf5c78a**

Please sign in to comment.

CVE-2022-1722: Adds isLinkLocalAddress() to address checks · jgraph/drawio@cf5c78a

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

@@ -15,6 +15,7 @@ import java.net.URL; import java.net.URLConnection; import java.net.UnknownHostException; import java.net.InetAddress; import java.util.logging.Level; import java.util.logging.Logger;  
@@ -245,42 +246,51 @@ public boolean checkUrlParameter(String url) { URL parsedUrl = new URL(url); String protocol = parsedUrl.getProtocol(); String host = parsedUrl.getHost().toLowerCase(); String host = parsedUrl.getHost(); InetAddress address = InetAddress.getByName(host); String hostAddress = address.getHostAddress(); host = host.toLowerCase();  
return (protocol.equals("http") || protocol.equals("https")) && !host.endsWith(".internal") && !host.endsWith(".local") && !host.contains("localhost") && !host.startsWith("0.") // 0.0.0.0/8 && !host.startsWith("10.") // 10.0.0.0/8 && !host.startsWith("127.") // 127.0.0.0/8 && !host.startsWith("169.254.") // 169.254.0.0/16 && !host.startsWith("172.16.") // 172.16.0.0/12 && !host.startsWith("172.17.") // 172.16.0.0/12 && !host.startsWith("172.18.") // 172.16.0.0/12 && !host.startsWith("172.19.") // 172.16.0.0/12 && !host.startsWith("172.20.") // 172.16.0.0/12 && !host.startsWith("172.21.") // 172.16.0.0/12 && !host.startsWith("172.22.") // 172.16.0.0/12 && !host.startsWith("172.23.") // 172.16.0.0/12 && !host.startsWith("172.24.") // 172.16.0.0/12 && !host.startsWith("172.25.") // 172.16.0.0/12 && !host.startsWith("172.26.") // 172.16.0.0/12 && !host.startsWith("172.27.") // 172.16.0.0/12 && !host.startsWith("172.28.") // 172.16.0.0/12 && !host.startsWith("172.29.") // 172.16.0.0/12 && !host.startsWith("172.30.") // 172.16.0.0/12 && !host.startsWith("172.31.") // 172.16.0.0/12 && !host.startsWith("192.0.0.") // 192.0.0.0/24 && !host.startsWith("192.168.") // 192.168.0.0/16 && !host.startsWith("198.18.") // 198.18.0.0/15 && !host.startsWith("198.19.") // 198.18.0.0/15 && !address.isAnyLocalAddress() && !address.isLoopbackAddress() && !host.endsWith(".internal") // Redundant && !host.endsWith(".local") // Redundant && !host.contains("localhost") // Redundant && !hostAddress.startsWith("0.") // 0.0.0.0/8 && !hostAddress.startsWith("10.") // 10.0.0.0/8 && !hostAddress.startsWith("127.") // 127.0.0.0/8 && !hostAddress.startsWith("169.254.") // 169.254.0.0/16 && !hostAddress.startsWith("172.16.") // 172.16.0.0/12 && !hostAddress.startsWith("172.17.") // 172.16.0.0/12 && !hostAddress.startsWith("172.18.") // 172.16.0.0/12 && !hostAddress.startsWith("172.19.") // 172.16.0.0/12 && !hostAddress.startsWith("172.20.") // 172.16.0.0/12 && !hostAddress.startsWith("172.21.") // 172.16.0.0/12 && !hostAddress.startsWith("172.22.") // 172.16.0.0/12 && !hostAddress.startsWith("172.23.") // 172.16.0.0/12 && !hostAddress.startsWith("172.24.") // 172.16.0.0/12 && !hostAddress.startsWith("172.25.") // 172.16.0.0/12 && !hostAddress.startsWith("172.26.") // 172.16.0.0/12 && !hostAddress.startsWith("172.27.") // 172.16.0.0/12 && !hostAddress.startsWith("172.28.") // 172.16.0.0/12 && !hostAddress.startsWith("172.29.") // 172.16.0.0/12 && !hostAddress.startsWith("172.30.") // 172.16.0.0/12 && !hostAddress.startsWith("172.31.") // 172.16.0.0/12 && !hostAddress.startsWith("192.0.0.") // 192.0.0.0/24 && !hostAddress.startsWith("192.168.") // 192.168.0.0/16 && !hostAddress.startsWith("198.18.") // 198.18.0.0/15 && !hostAddress.startsWith("198.19.") // 198.18.0.0/15 && !host.endsWith(".arpa"); // reverse domain (needed?) } catch (MalformedURLException e) { return false; } catch (UnknownHostException e) { return false; } } else {

CVE-2022-1713: 18.0.3 release · jgraph/drawio@283d41e

IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.

    # Exploit Title: SSRF in .NET C# IpMatcher v1.0.4.1 and below NuGet package: CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors.# Date: 22/09/2022# Exploit Author: Kelly Kaoudis & Sick Codes# Vendor Homepage: https://www.nuget.org/packages/IpMatcher/1.0.4.2# Version: 1.0.4.1 and below# Tested on: macOS, Linux, Windows# CVE: CVE-2021-33318# Reference: https://github.com/kaoudis/advisories/blob/main/0-2021.md# Reference: https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-060.md/* Author: Kelly Kaoudis* License: GPLv3** Requires:* `dotnet add package IpMatcher --version 1.0.4.1`** To run:* `dotnet run`*/using System;using IpMatcher;namespace dotnet{    class PoC    {        private static void checkExists(Matcher matcher, string ip, string mask)        {            if (matcher.Exists(ip, mask))            {                Console.WriteLine("matches on " + ip + " / " + mask);            }            else            {                Console.WriteLine("DOES NOT match on " + ip + " / " + mask);            }        }        private static void checkMatchExists(Matcher matcher, string ip)        {            if (matcher.MatchExists(ip))            {                Console.WriteLine("matches on " + ip);            }            else            {                Console.WriteLine("DOES NOT match on " + ip);            }        }        private static void dumpMatcher(Matcher matcher)        {            Console.WriteLine("\nWhat is actually in the matcher now (if nothing follows on the next line, nothing)?");            foreach (string addr in matcher.All())            {                Console.WriteLine("address from matcher: " + addr);            }            Console.WriteLine("");        }        static void Main(string[] args)        {            Console.WriteLine("Constructing a new IpMatcher#Matcher...");            Matcher matcher = new Matcher();            // nothing in the matcher yet            dumpMatcher(matcher);            Console.WriteLine("adding 192.31.196.0 / 0.0.0.0 (mask)");            matcher.Add("192.31.196.0", "0.0.0.0");            // contains 0.0.0.0 / 0.0.0.0 (incorrect)            dumpMatcher(matcher);            checkExists(matcher, "192.31.196.2", "0.0.0.0");            checkExists(matcher, "192.31.196.1", "0.0.0.0");            checkExists(matcher, "192.31.196.0", "0.0.0.0"); // should match but does not            checkExists(matcher, "0.0.0.0", "255.0.0.0"); //should not match            checkExists(matcher, "0.0.0.0", "0.0.0.0");            checkMatchExists(matcher, "0.0.0.0");            checkMatchExists(matcher, "192.31.196.0");            checkMatchExists(matcher, "192.31.196.1");            //checkMatchExists(matcher, "0192.031.0196.0"); throws parse exception and not sure why            checkMatchExists(matcher, "0300.037.0304.0"); // octal for 192.31.196.0            checkMatchExists(matcher, "0300.037.0304.01");            checkMatchExists(matcher, "0300.036.0304.0"); // should not match but does            checkMatchExists(matcher, "0100.0100.0100.0100"); // should not match but does        //    checkMatchExists(matcher, "aaaaaaaaaa"); thankfully results in exception            // results in invalid argument exception           // if (matcher.MatchExists("0192.031.0196.02"))           // {           //     Console.WriteLine("gross! matches 0192.031.0196.02");           // }            Console.WriteLine("adding 192.168.0.0 / 255.0.0.0 (mask)");            matcher.Add("192.168.0.0", "255.0.0.0");            checkExists(matcher, "192.167.0.1", "255.0.0.0");            checkExists(matcher, "192.168.0.0", "255.0.0.0");            checkExists(matcher, "192.168.1.1", "255.0.0.0");            checkMatchExists(matcher, "172.13.2.15");            checkMatchExists(matcher, "010.1.1.1");            checkMatchExists(matcher, "4.4.4.4");            Console.WriteLine("adding 0300.055.0250.0 / 1.1.0.0 (mask)");            matcher.Add("0300.055.0250.0", "1.1.0.0");            checkExists(matcher, "192.45.168.0", "1.1.0.0");            checkExists(matcher, "0300.055.0250.0", "0.0.0.0");            checkExists(matcher, "0300.055.0250.0300", "1.1.0.0");            checkExists(matcher, "0288.055.0250.0", "1.1.0.0");            checkMatchExists(matcher, "2130706433");            checkMatchExists(matcher, "017700000001");            checkMatchExists(matcher, "3232235521");            checkMatchExists(matcher, "3232235777");            checkMatchExists(matcher, "0x7f.0x00.0x00.0x01");            checkMatchExists(matcher, "0xc0.0xa8.0x00.0x14");            Console.WriteLine("adding 0300.055.0250.0 / 0377.0.0.0 (mask)");            matcher.Add("0300.055.0250.0", "0377.0.0.0");            Console.WriteLine("adding 0250.0300.010.010 / 0.0.0.0 (mask)");            matcher.Add("0250.0300.010.010", "0.0.0.0");            Console.WriteLine("adding 0250.0300.010.010 / 010.010.010.0 (mask)");            matcher.Add("0250.0300.010.010", "010.010.010.0");            // anything ending in 8 or 9 doesn't work            Console.WriteLine("adding 0172.057.0.0 / 0.0.0.0 (mask)");            matcher.Add("0172.057.0.0", "0.0.0.0");            Console.WriteLine("adding 0172.057.0.0 / 055.055.013.0 (mask)");            matcher.Add("0172.057.0.0", "055.055.013.0");         //   matcher.Add("08.09.0.0", "01.01.01.0"); fails as it should            Console.WriteLine("adding 010.010.0172.0 / 0.0.0.0 (mask)");            matcher.Add("010.010.0172.0", "0.0.0.0");            Console.WriteLine("adding 010.010.0172.0 / 01.01.01.01 (mask)");            matcher.Add("010.010.0172.0", "01.01.01.01");            Console.WriteLine("adding 010.010.0172.0 / 010.010.0172.010 (mask)");            matcher.Add("010.010.0172.0", "010.010.0172.010");            Console.WriteLine("adding 010.010.0172.0 / 010.010.0.010 (mask)");            matcher.Add("010.010.0172.0", "010.010.0.010");            Console.WriteLine("adding 010.010.0172.0 / 010.010.0.010 (mask)");            matcher.Add("010.010.0172.0", "010.010.0255.010");            Console.WriteLine("adding 0xaa.0xaa.0xaa.0xaa / 0xaa.0xfe.0xfe.0xfe (mask)");            matcher.Add("0xaa.0xaa.0xaa.0xaa", "0xfe.0xfe.0xfe.0xfe");          //  fails with exception as it should as 0xfff is tooooo biggggg          //  matcher.Add("0xfff.0xfff.0xfff.0x0", "0x0.0x0.0x0.0x0");            Console.WriteLine("adding 0xf0.0x0.0x0.0x0 / 0xff.0x0.0x0.0x0 (mask)");            matcher.Add("0xf0.0x0.0x0.0x0", "0xff.0x0.0x0.0x0");            // now contains the following:            // 0.0.0.0/0.0.0.0            // 192.0.0.0/255.0.0.0            // 0.1.0.0/1.1.0.0            // 192.0.0.0/0377.0.0.0            // 8.0.8.0/010.010.010.0            // 40.45.0.0/055.055.013.0            // 8.8.122.0/010.010.0172.010            // 8.8.0.0/010.010.0.010            // 8.8.40.0/010.010.0255.010            // 170.170.170.170/0xfe.0xfe.0xfe.0xfe            // 240.0.0.0/0xff.0x0.0x0.0x0            dumpMatcher(matcher);        }    }}

IpMatcher 1.0.4.1 Server-Side Request Forgery

Calibre-Web before 0.6.18 allows user table SQL Injection.

**Security Policy****Reporting a Vulnerability**

Please report security issues to ozzie.fernandez.isaacs@googlemail.com

**Supported Versions**

To receive fixes for security vulnerabilities it is required to always upgrade to the latest version of Calibre-Web. See https://github.com/janeczku/calibre-web/releases/latest for the latest release.

**History**

Fixed in

Description

CVE number

3rd July 2018

Guest access acts as a backdoor

V 0.6.7

Hardcoded secret key for sessions

CVE-2020-12627

V 0.6.13

Calibre-Web Metadata cross site scripting

CVE-2021-25964

V 0.6.13

Name of Shelves are only visible to users who can access the corresponding shelf Thanks to @ibarrionuevo

V 0.6.13

JavaScript could get executed in the description field. Thanks to @ranjit-git and Hagai Wechsler (WhiteSource)

V 0.6.13

JavaScript could get executed in a custom column of type "comment" field

V 0.6.13

JavaScript could get executed after converting a book to another format with a title containing javascript code

V 0.6.13

JavaScript could get executed after converting a book to another format with a username containing javascript code

V 0.6.13

JavaScript could get executed in the description series, categories or publishers title

V 0.6.13

JavaScript could get executed in the shelf title

V 0.6.13

Login with the old session cookie after logout. Thanks to @ibarrionuevo

V 0.6.14

CSRF was possible. Thanks to @mik317 and Hagai Wechsler (WhiteSource)

CVE-2021-25965

V 0.6.14

Migrated some routes to POST-requests (CSRF protection). Thanks to @scara31

CVE-2021-4164

V 0.6.15

Fix for "javascript:" script links in identifier. Thanks to @scara31

CVE-2021-4170

V 0.6.15

Cross-Site Scripting vulnerability on uploaded cover file names. Thanks to @ibarrionuevo

V 0.6.15

Creating public shelfs is now denied if user is missing the edit public shelf right. Thanks to @ibarrionuevo

V 0.6.15

Changed error message in case of trying to delete a shelf unauthorized. Thanks to @ibarrionuevo

V 0.6.16

JavaScript could get executed on authors page. Thanks to @alicaz

CVE-2022-0352

V 0.6.16

Localhost can no longer be used to upload covers. Thanks to @scara31

CVE-2022-0339

V 0.6.16

Another case where public shelfs could be created without permission is prevented. Thanks to @nhiephon

CVE-2022-0273

V 0.6.16

It's prevented to get the name of a private shelfs. Thanks to @nhiephon

CVE-2022-0405

V 0.6.17

The SSRF Protection can no longer be bypassed via an HTTP redirect. Thanks to @416e6e61

CVE-2022-0767

V 0.6.17

The SSRF Protection can no longer be bypassed via 0.0.0.0 and it's ipv6 equivalent. Thanks to @r0hanSH

CVE-2022-0766

V 0.6.18

Possible SQL Injection is prevented in user table Thanks to Iman Sharafaldin (Forward Security)

CVE-2022-30765

V 0.6.18

The SSRF protection no longer can be bypassed by IPV6/IPV4 embedding. Thanks to @416e6e61

CVE-2022-0939

V 0.6.18

The SSRF protection no longer can be bypassed to connect to other servers in the local network. Thanks to @michaellrowley

CVE-2022-0990

**Statement regarding Log4j (CVE-2021-44228 and related)**

Calibre-web is not affected by bugs related to Log4j. Calibre-Web is a python program, therefore not using Java, and not using the Java logging feature log4j.

CVE-2022-30765: calibre-web/SECURITY.md at master · janeczku/calibre-web

A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter.

**Have a question about this project?** Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Pick a username

Email Address

Password

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2022-30049: SSRF vulnerability · Issue #460 · getrebuild/rebuild

URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers.

@@ -210,6 +210,14 @@ public String toString() { addMagic(SName.usecase); addMagic(SName.map); addMagic(SName.archimate);  
  
// addConvert("nodeStereotypeFontSize", PName.FontSize, SName.node, SName.stereotype); // addConvert("sequenceStereotypeFontSize", PName.FontSize, SName.stereotype); // addConvert("sequenceStereotypeFontStyle", PName.FontStyle, SName.stereotype); // addConvert("sequenceStereotypeFontColor", PName.FontColor, SName.stereotype); // addConvert("sequenceStereotypeFontName", PName.FontName, SName.stereotype);  
  
}  
@@ -221,8 +229,14 @@ private static void addMagic(SName sname) { addConvert(cleanName + "RoundCorner", PName.RoundCorner, sname); addConvert(cleanName + "DiagonalCorner", PName.DiagonalCorner, sname); addConvert(cleanName + "BorderStyle", PName.LineStyle, sname); addConvert(cleanName + "StereotypeFontColor", PName.FontColor, SName.stereotype, sname); addConFont(cleanName, sname); addConvert(cleanName + "Shadowing", PName.Shadowing, sname);  
addConvert(cleanName + "StereotypeFontSize", PName.FontSize, SName.stereotype, sname); addConvert(cleanName + "StereotypeFontStyle", PName.FontStyle, SName.stereotype, sname); addConvert(cleanName + "StereotypeFontColor", PName.FontColor, SName.stereotype, sname); addConvert(cleanName + "StereotypeFontName", PName.FontName, SName.stereotype, sname);  
}  
private final List<Style\> styles = new ArrayList<>(); @@ -234,7 +248,7 @@ public FromSkinparamToStyle(String key) { if (key.contains("<<")) { final StringTokenizer st = new StringTokenizer(key, "<>"); this.key = st.nextToken(); this.stereo = st.hasMoreTokens() ? st.nextToken() : null; this.stereo = st.hasMoreTokens() ? st.nextToken().trim() : null; } else { this.key = key; this.stereo = null; @@ -243,6 +257,12 @@ public FromSkinparamToStyle(String key) { }  
public void convertNow(String value, final AutomaticCounter counter) { if (key.endsWith("shadowing")) { if (value.equalsIgnoreCase("false")) value = "0"; else if (value.equalsIgnoreCase("true")) value = "3"; } if (value.equalsIgnoreCase("right:right")) value = "right"; if (value.equalsIgnoreCase("dotted"))

Tag

#ssrf