1. Critical SSRF Vulnerability in Webhook Engine Poses Tenant Isolation Risk Ahead of Customer Pilot
An architecture review has flagged a critical Server-Side Request Forgery (SSRF) vulnerability in the platform's automation engine that could expose internal infrastructure to tenant compromise. The flaw resides in the webhook action type, which allows customers to configure POST requests to arbitrary URLs. Security au...