In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Server-side Request Forgery (SSRF) vulnerabilities in an interactive lesson.
Start learningUpgrade @jshookmcp/jshook to version 0.3.2 or higher.
@jshookmcp/jshook is a MCP server with built-in tools across multiple domains for AI-assisted JavaScript analysis and security analysis — browser automation, CDP debugging, network monitoring, JS hooks, code analysis, and workflow orchestration
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the network_icmp_probe and network_traceroute processes. An attacker can access internal network information by sending requests that bypass the central authorization policy, allowing the probing of private, loopback, link-local, or reserved IP addresses from the server's network position.