Next.js framework embeds an image optimization component which is enabled by default and allows dynamic resizing when requested. This feature leverages the 'next.config.js' configuration file to ensure that the target host being requested is allowed. When misconfigured, a remote and unauthenticated attacker can achieve, by default, a blind server-side request forgery and performs arbitrary requests from the target Next.js instance. Depending on the Next.js version, this can be escalated into a Cross-Site Scripting attack or leak the content of XML…Read More