Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.
5.4CVSS
5.5AI Score
0.001EPSS
imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
5.3CVSS
5.2AI Score
0.002EPSS