Tag
Ech0 is vulnerable to Server-Side Request Forgery (SSRF) due to an unauthenticated API endpoint (`/api/website/title`) that fetches website titles from user-controlled URLs, lacking proper validation and TLS verification, allowing attackers to access internal resources and potentially cause denial of service.