Severity |
|
Remote |
|
Type |
- |
Unknown |
+ |
Url request injection |
|
Description |
+ |
The Apache XML Graphics Commons library before version 2.6 is vulnerable to server-side request forgery (SSRF) via the XMPParser that allow an attacker to cause the underlying server to make arbitrary GET requests. |
|
References |
+ |
https://www.openwall.com/lists/oss-security/2021/02/24/1 |
+ |
https://xmlgraphics.apache.org/security.html |
+ |
https://issues.apache.org/jira/browse/XGC-122 |
+ |
https://svn.apache.org/viewvc?view=revision&revision=1878394 |
|
Notes |
|