Description
Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.
Remediation
References
https://www.ciphertechs.com/hawtio-advisory/
Related Vulnerabilities
CVE-2020-7635 Vulnerability in npm package compass-compile
CVE-2021-32854 Vulnerability in maven package org.webjars.bower:textangular
CVE-2020-7661 Vulnerability in maven package org.webjars.npm:url-regex
CVE-2023-26156 Vulnerability in maven package org.webjars.npm:chromedriver
CVE-2017-5638 Vulnerability in maven package org.apache.struts:struts2-core