Security Advisory
CVE-2022-38298
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint.