1. Workspace-Server SSRF Guard Bypass: Unpatched isSafeURL Flaw Exposes Internal Services via WebSocket Protocols
A critical SSRF (Server-Side Request Forgery) bypass vulnerability has been identified in workspace-server's URL validation logic, leaving internal services exposed to potential WebSocket-based attacks. The flaw, catalogued as a P0 severity issue, resides in the isSafeURL function within workspace-server/internal/handl...