High severity7.5NVD Advisory· Published Jul 26, 2024· Updated Jun 17, 2026
CVE-2024-41813
CVE-2024-41813
Description
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery (SSRF) vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network. Version 1.6.1 patches the issue.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.