Lucene search
K

4 matches found

OSV
OSV
added 2022/05/03 12:0 a.m.16 views

GHSA-5HJH-C26M-XW8W ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)

ProxyScotch is a simple proxy server created for hoppscotch.io. The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL...

7.5CVSS7.4AI score0.01313EPSS
Exploits1References4
NVD
NVD
added 2022/05/01 4:15 p.m.22 views

CVE-2022-25850

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

7.5CVSS0.01313EPSS
Exploits1References2
Prion
Prion
added 2022/05/01 4:15 p.m.17 views

Server side request forgery (ssrf)

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

5CVSS7.4AI score0.01313EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/01 3:20 p.m.22 views

CVE-2022-25850 Server-side Request Forgery (SSRF)

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

7.5CVSS7.6AI score0.01313EPSS
Exploits1References2
Rows per page
Query Builder