Server-side Request Forgery (SSRF)

github.com/hoppscotch/proxyscotch is vulnerable to server-side request forgery. When the interceptor mode is set to proxy, An attacker can make HTTP requests to untrusted URLs through the main function of server.go and gain access to sensitive information...

GHSA-5HJH-C26M-XW8W ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)

ProxyScotch is a simple proxy server created for hoppscotch.io. The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL...

ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)

ProxyScotch is a simple proxy server created for hoppscotch.io. The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL...

CVE-2022-25850

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

Server side request forgery (ssrf)

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

CVE-2022-25850 Server-side Request Forgery (SSRF)

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

CVE-2022-25850

CVE-2022-25850 affects the Go package github.com/hoppscotch/proxyscotch prior to 1.0.0. When interceptor mode is set to proxy, an SSRF flaw allows a backend server to issue HTTP requests to untrusted URLs supplied by a user, potentially leaking sensitive server information. The vulnerability is d...

CVE-2022-25850

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

proxyscotch 代码问题漏洞

proxyscotch is a simple proxy server. A security vulnerability exists in versions of proxyscotch prior to 1.0.0, which is susceptible to server-side request forgery SSRF attacks. The vulnerability is triggered when a back-end server makes an HTTP request to an untrusted URL submitted by a user,...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server...