CVE-2023-50258: CWE-918: Server-Side Request Forgery (SSRF) in pymedusa Medusa
Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The `testDiscord` request handler in `medusa/server/web/home/handler.py` does not validate the user-controlled `discord_webhook` variable and passes it to the `notifiers.discord_notifier.test_notify` method, then `_notify_discord` and finally `_send_discord_msg` method, which sends a POST request to the user-controlled URL on line 64 in `/medusa/notifiers/discord.py`, which leads to a blind server-side request forgery. This issue allows for crafting POST requests on behalf of the Medusa server. Version 1.0.19 contains a fix for the issue.
AI Analysis
Technical Summary
CVE-2023-50258 is a blind server-side request forgery (SSRF) vulnerability in pymedusa's Medusa, an automatic video library manager for TV shows, affecting versions prior to 1.0.19. The `testDiscord` request handler in `medusa/server/web/home/handler.py` takes the user-controlled `discord_webhook` parameter and passes it, without validation, to `notifiers.discord_notifier.test_notify`; that method calls `_notify_discord` and then `_send_discord_msg` in `medusa/notifiers/discord.py`, which issues a POST request to whatever URL was supplied. The attacker therefore chooses the destination of a request that originates from the Medusa server; the method (POST) and the payload are those of the notifier's test message, so this is control of the request destination rather than of the whole request. The handler is reachable without authentication, so no credentials are needed to trigger it. The SSRF is blind: the target's response is not returned to the attacker, who learns at most whether the Medusa server could reach the destination (for example through timing differences or an out-of-band callback to a host the attacker controls), but the server can still be made to contact internal hosts, cloud metadata endpoints or other services that are unreachable from the attacker's own position, which is how SSRF is used to bypass network boundaries. Version 1.0.19 contains the fix. No known exploits have been reported in the wild as of the publication date (December 22, 2023).
Potential Impact
For European organizations running Medusa versions prior to 1.0.19, this SSRF vulnerability poses a moderate risk. An attacker can make the Medusa server send POST requests to internal services that are not exposed externally, which supports reconnaissance (inferring from timing or error behaviour which internal hosts and ports respond) and state changes on internal endpoints that accept unauthenticated POSTs. Confidentiality impact is limited by the blind nature of the flaw, since the target's response is not returned to the attacker; integrity is at risk wherever a forged POST is acted upon; availability could be affected if internal resources are flooded with requests. Medusa is typically deployed in home or small-office environments, so the direct impact on large enterprises is likely limited, but organizations that run it inside broader media or content workflows, or on a network segment shared with management interfaces or cloud metadata services, have a larger exposure. Because the handler requires no authentication, any Medusa instance whose web interface is reachable by the attacker can be exploited without credentials. Overall severity is medium, escalating where the SSRF can be chained with other vulnerabilities or misconfigurations.
Mitigation Recommendations
Upgrade Medusa to version 1.0.19 or later, which contains the fix. Because the `testDiscord` handler is reachable without authentication, do not expose the Medusa web interface directly to the internet; place it behind a VPN or an authenticating reverse proxy. Until the upgrade is applied, restrict egress from the Medusa host: allow outbound HTTPS only to the destinations Medusa needs (for Discord notifications, the Discord webhook hosts) and block outbound connections to internal IP ranges, link-local addresses and cloud metadata endpoints with firewall or proxy rules. Disable the Discord notification feature if it is not used. Monitor proxy and firewall logs for outbound POST requests from the Medusa server to unexpected destinations, especially internal addresses. Identify internal services that accept unauthenticated requests from the Medusa host's network segment and add authentication or access controls to them. Treat webhook URLs as security-relevant configuration: set them from trusted sources and keep user-supplied values out of outbound request paths wherever possible.
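As an added example (not part of the advisory), a detection pass implementing the monitoring recommendation above: it parses egress-proxy log lines, keeps POSTs from the Medusa host, and flags any whose destination is an internal address or a host outside the Discord webhook allow-list. The log format, hostnames and sample lines are constructed for this example; the field regex is what you would adapt to your own proxy.

```python
"""Added example, not from the advisory or the Medusa project: flag outbound
POSTs from the Medusa host that do not go to a Discord webhook endpoint.
The log format, hostnames and sample lines are constructed for this example."""
import ipaddress
import re
from urllib.parse import urlparse

MEDUSA_CLIENT = "medusa.lan"                     # assumption: proxy logs the client name
ALLOWED_DESTINATIONS = {"discord.com", "discordapp.com"}

# Constructed line format: <timestamp> <client> <method> <url> <status>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$")

# Constructed sample: one legitimate webhook test, two SSRF-style POSTs to
# internal targets (the cloud metadata address and a LAN admin API), the same
# admin POST from an unrelated client, and ordinary GET traffic from Medusa.
SAMPLE_LOG = """\
2023-12-22T10:00:01Z medusa.lan POST https://discord.com/api/webhooks/1/x 204
2023-12-22T10:00:07Z medusa.lan POST http://169.254.169.254/latest/meta-data/ 200
2023-12-22T10:00:09Z medusa.lan POST http://10.0.0.12:9000/api/admin/reload 401
2023-12-22T10:00:11Z desktop.lan POST http://10.0.0.12:9000/api/admin/reload 200
2023-12-22T10:00:15Z medusa.lan GET https://example.org/feed.xml 200
"""


def classify_destination(url: str) -> str:
    """'allowed' for a listed webhook host, 'internal' for a non-public IP
    literal, 'unexpected' for any other host or public IP literal."""
    host = (urlparse(url).hostname or "").lower()
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:                        # a hostname, not an IP literal
        return "allowed" if host in ALLOWED_DESTINATIONS else "unexpected"
    return "unexpected" if addr.is_global else "internal"


def find_ssrf_candidates(log_text: str, client: str = MEDUSA_CLIENT) -> list:
    """Return the POSTs from `client` whose destination is not allow-listed.

    The advisory's primitive is a POST, so only POSTs are considered; widen
    to all methods if the notifier or a later finding changes that.
    """
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["client"] != client or m["method"] != "POST":
            continue
        verdict = classify_destination(m["url"])
        if verdict != "allowed":
            hits.append({"ts": m["ts"], "url": m["url"],
                         "status": m["status"], "verdict": verdict})
    return hits


if __name__ == "__main__":
    for hit in find_ssrf_candidates(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['verdict']:10} {hit['url']} -> {hit['status']}")
```

On the constructed sample this yields two hits, both from `medusa.lan`: the metadata-service POST and the LAN admin-API POST (whose 401 tells you the target exists and asked for credentials). The legitimate webhook test, the GET traffic and the other client's POST are ignored. A public but unlisted host (an attacker's collector for out-of-band confirmation) is reported as `unexpected`.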
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2023-12-05T20:42:59.378Z
- Cisa Enriched: true
Threat ID: 682d9847c4522896dcbf537f
Added to database: 5/21/2025, 9:09:27 AM
Last enriched: 6/22/2025, 9:35:20 AM
Last updated: 8/18/2025, 11:34:04 PM
Related Threats
- CVE-2025-43752: CWE-770 Allocation of Resources Without Limits or Throttling in Liferay Portal (Medium)
- CVE-2025-43753: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal (Low)
- CVE-2025-51606: n/a (Unknown)
- CVE-2025-43747: CWE-918 Server-Side Request Forgery (SSRF) in Liferay DXP (Medium)
- CVE-2025-27714: CWE-434 in INFINITT Healthcare INFINITT PACS System Manager (Medium)