CVE-2021-40438 – Apache HTTP Server-Side Request Forgery (SSRF)

https://notcve.org/view.php?id=CVE-2021-40438

16 Sep 2021 — A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. Un uri-path diseñado puede causar que mod_proxy reenvíe la petición a un servidor de origen elegido por el usuario remoto. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated attacker to make the ht... • https://github.com/sixpacksecurity/CVE-2021-40438 • CWE-918: Server-Side Request Forgery (SSRF) •