FCSC 2026 – Bubulle Corp (Part 1/2)TL;DR: SSRF by bypassing the https:// scheme filter through an XML parsing discrepancy