CVE-2019-17566

2020-11-12T18:15:00
ID CVE-2019-17566
Type cve
Reporter cve@mitre.org
Modified 2020-11-20T09:15:00

Description

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.