Description
Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter.
Remediation
References
https://gluu.org/gluu-4-4-1/
https://github.com/GluuFederation/oxAuth/releases/tag/4.4.1
Related Vulnerabilities
CVE-2018-10936 Vulnerability in maven package org.postgresql:postgresql
CVE-2022-36890 Vulnerability in maven package org.jenkins-ci.plugins:deployer-framework
CVE-2021-32769 Vulnerability in maven package io.micronaut:micronaut-core
CVE-2018-25031 Vulnerability in maven package org.webjars.bower:swagger-ui