1 results (0.004 seconds)
CVSS: 8.2EPSS: 9%CPEs: 1EXPL: 1
CVSS: 8.2EPSS: 9%CPEs: 1EXPL: 1CVE-2022-24129
https://notcve.org/view.php?id=CVE-2022-24129
04 Feb 2022 — The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services. El plugin OIDC OP versiones anteriores a 3.0.4, para Shibboleth Identity Provider permite un ataque de tipo server-side request forgery (SSRF) debido a una restricción insuficiente del parámetro request_uri. Esto permite a atacantes interactuar con servicios HTTP arb... • http://shibboleth.net/community/advisories • CWE-918: Server-Side Request Forgery (SSRF) •