Lucene search

K
osvGoogleOSV:GHSA-5HJH-C26M-XW8W
HistoryMay 03, 2022 - 12:00 a.m.

ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)

2022-05-0300:00:44
Google
osv.dev
9

0.001 Low

EPSS

Percentile

51.0%

ProxyScotch is a simple proxy server created for hoppscotch.io. The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server.

0.001 Low

EPSS

Percentile

51.0%

Related for OSV:GHSA-5HJH-C26M-XW8W