3 matches found
CVE-2022-36663
Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...
Exploit for Server-Side Request Forgery in Gluu Oxauth
CVE-2022-36663-PoC Internal network scanner through Gluu IAM b...
CVE-2022-36663
Gluu OxAuth up to version 4.4.1 is affected by a blind SSRF due to a crafted request_uri parameter in /oxauth/restv1/authorize. The CVE-2022-36663 entry has a high-impact score (9.8) with network, no auth, and no user interaction required; the vulnerability can enable an attacker to induce outbou...