Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WebLogic Server-Side Request Forgery (SSRF) Vulnerability - CVE-2020-11987 - Vulnerability Database
WebLogic

WebLogic Server-Side Request Forgery (SSRF) Vulnerability - CVE-2020-11987

High
Reference: CVE-2020-11987
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-11987
Title: WebLogic Server-Side Request Forgery (SSRF) Vulnerability
Overview:

Apache Batik 1.13 is vulnerable to server-side request forgery caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.