Security Advisory

CVE-2022-25850

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-01 15:20:09

Last updated 2024-09-16 22:36:02

Assigner snyk

State PUBLISHED

Description

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server.

← Browse all CVEs View on cve.org ↗