Tag
An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in MagicMirror² allows remote attackers to force the server to perform arbitrary HTTP requests, exfiltrate environment variables, and potentially compromise cloud instances or internal networks.