From c81b7226552ab2637df9736f4b3a6738da8923b1 Mon Sep 17 00:00:00 2001
From: dvz <devilshakerz@gmail.com>
Date: Tue, 30 Apr 2024 18:13:44 +0200
Subject: [PATCH] Fix incomplete disallowed remote addresses list SSRF

# Conflicts:
#	install/index.php
---
 inc/src/Maintenance/functions_data.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/inc/src/Maintenance/functions_data.php b/inc/src/Maintenance/functions_data.php
index 6f48929abb..4e74e017d4 100644
--- a/inc/src/Maintenance/functions_data.php
+++ b/inc/src/Maintenance/functions_data.php
@@ -173,7 +173,8 @@ function writeConfigurationFile(array $config): void
      */
 
     \$config['disallowed_remote_addresses'] = array(
-        '127.0.0.1',
+        '0.0.0.0',
+        '127.0.0.0/8',
         '10.0.0.0/8',
         '172.16.0.0/12',
         '192.168.0.0/16',