Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35353
HistoryMay 04, 2022 - 8:54 a.m.

Server-side Request Forgery (SSRF)

2022-05-0408:54:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
32
server-side request forgery
proxyscotch
interceptor mode
http requests
sensitive information

EPSS

0.001

Percentile

51.0%

github.com/hoppscotch/proxyscotch is vulnerable to server-side request forgery. When the interceptor mode is set to proxy, An attacker can make HTTP requests to untrusted URLs through the main function of server.go and gain access to sensitive information

EPSS

0.001

Percentile

51.0%

Related for VERACODE:35353