Description
Oracle EBS iHelp component allows remote attackers to interact with internal network resources via Server Side Request Forgery (SSRF).
Remediation
Upgrade to the latest version of Oracle E-Business Suite
References
Related Vulnerabilities
Deserialization of Untrusted Data (Java Object Deserialization)
Deserialization of Untrusted Data (Java JSON Deserialization) Genson
WordPress Plugin JSM file_get_contents() Shortcode Server-Side Request Forgery (2.7.0)
Remote code execution of user-provided local names in Rails
Oracle Business Intelligence ReportTemplateService XXE (CVE-2021-2400)