Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, the convert file to pdf functionality (/api/v1/convert/file/pdf) uses LibreOffices unoconvert tool for conversion, and SSRF vulnerabilities exist during the conversion process. This issue has been patched in version 1.1.0.
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.