Description
A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server.
Remediation
References
https://www.youtube.com/watch?v=JE1Kcq3iJpc
Related Vulnerabilities
CVE-2023-26104 Vulnerability in npm package lite-web-server
CVE-2020-14967 Vulnerability in maven package org.webjars.npm:jsrsasign
CVE-2021-44138 Vulnerability in maven package com.caucho:resin
CVE-2023-34189 Vulnerability in maven package org.apache.inlong:manager-web
CVE-2022-28820 Vulnerability in maven package com.adobe.acs:acs-aem-commons-ui.apps