CVE-2023-28155
CVE-2023-28155 is a Server-Side Request Forgery (SSRF) bypass in the Node.js Request package (up to v2.88.1) that allows cross-protocol redirects (HTTP↔HTTPS) via an attacker-controlled server. IBM documents associate this CVE with multiple products (e.g., IBM Maximo AI Service, IBM watsonx Orche...