Description
Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.
Remediation
References
https://www.ciphertechs.com/hawtio-advisory/
Related Vulnerabilities
CVE-2021-43788 Vulnerability in npm package nodebb
CVE-2020-15119 Vulnerability in npm package auth0-lock
CVE-2010-1870 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2021-25943 Vulnerability in npm package 101
CVE-2020-9298 Vulnerability in maven package com.netflix.spinnaker.orca:orca-core