Description
FUXA 1.1.3 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can use it to obtain sensitive information from the server's internal environment and services, often with the potential to execute commands on the server.
Remediation
References
https://www.youtube.com/watch?v=JE1Kcq3iJpc