Security Advisory

CVE-2022-38298

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-12 21:49:54
Last updated 2024-08-03 10:54:02
Assigner mitre
State PUBLISHED

Description

Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint.