Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
References
Link | Resource |
---|---|
https://huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27 | Exploit Third Party Advisory |
https://github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83 | Patch Third Party Advisory |
Configurations
Information
Published : 2022-05-05 04:15
Updated : 2022-05-12 13:28
NVD link : CVE-2022-1592
Mitre link : CVE-2022-1592
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
clinical-genomics
- scout