Description
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
Remediation
References
Related Vulnerabilities
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)
WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)
MySQL CVE-2017-10155 Vulnerability (CVE-2017-10155)
PHP Out-of-bounds Read Vulnerability (CVE-2018-10549)
WordPress Plugin RBX Gallery 'uploader.php' Arbitrary File Upload (2.1)