Stronger input validation to prevent SSRF
We got the report from the ROS security quickscan that our application is vulnerable to SSRF attacks. They gave us a pointer to get more information about this: https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html
This is especially true for /api/v1/federation/libraries/fetch and its fid parameter.
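One possible shape for the stronger validation, following the network-layer checks in the linked OWASP cheat sheet. This is an added example, not the application's own code. It assumes the fid is an http(s) URL that the server fetches; `validate_fid`, `UnsafeFid`, both resolvers and all host names and addresses are hypothetical or constructed.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

class UnsafeFid(ValueError):
    """The fid must not be fetched by the server."""

def system_resolver(host, port):
    # Every address the OS resolver returns for host (A and AAAA records).
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]

def validate_fid(fid, resolver=system_resolver):
    """Return (host, port, vetted_ips) if fid points at a public host."""
    try:
        parts = urlsplit(fid)
        port = parts.port
    except ValueError as exc:
        raise UnsafeFid(f"malformed URL: {exc}")
    if parts.scheme not in ("http", "https"):
        raise UnsafeFid("scheme not allowed")
    if parts.username or parts.password or not parts.hostname:
        raise UnsafeFid("credentials present or host missing")
    host = parts.hostname
    port = port or (443 if parts.scheme == "https" else 80)
    ips = resolver(host, port)
    if not ips:
        raise UnsafeFid("host does not resolve")
    for raw in ips:
        ip = ipaddress.ip_address(raw.split("%")[0])  # drop IPv6 zone id
        ip = getattr(ip, "ipv4_mapped", None) or ip   # unwrap ::ffff:a.b.c.d
        if not ip.is_global or ip.is_multicast:
            raise UnsafeFid(f"{host} resolves to non-public address {ip}")
    return host, port, ips

# Constructed DNS answers so the demo runs offline; hosts are made up.
FAKE_DNS = {
    "pod.example": ["93.184.216.34"],
    "intranet.example": ["10.0.0.5"],
    "rebind.example": ["93.184.216.34", "127.0.0.1"],
}

def fake_resolver(host, port):
    return FAKE_DNS.get(host, [host])  # IP literals resolve to themselves

def is_safe(fid):
    try:
        validate_fid(fid, fake_resolver)
        return True
    except UnsafeFid:
        return False
```

The fetch itself should connect to one of the returned vetted addresses rather than resolving the name again, and every redirect target needs the same check before it is followed.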