Security Advisory

CVE-2020-11988

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-24 17:05:39

Last updated 2024-08-04 11:48:57

Assigner apache

State PUBLISHED

Description

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.

← Browse all CVEs View on cve.org ↗