Impact
A user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack escalation.
Patches
Fixed since version 1.7.6
Mitigation was to use the proxy for untrusted fetches intended for such purposes.
Workarounds
Avoid making http/https endpoints available to an instance running Grist that expose credentials or operate without credentials.
Impact
A user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack escalation.
Patches
Fixed since version 1.7.6
Mitigation was to use the proxy for untrusted fetches intended for such purposes.
Workarounds
Avoid making http/https endpoints available to an instance running Grist that expose credentials or operate without credentials.