Description
The OpenID Connect server implementation for MITREid Connect through 1.3.3 is vulnerable to a Server Side Request Forgery (SSRF) vulnerability. The vulnerability arises due to unsafe usage of the logo_uri parameter in the Dynamic Client Registration request. An unauthenticated attacker can make a HTTP request from the vulnerable server to any address in the internal network and obtain its response (which might, for example, have a JavaScript payload for resultant XSS).
Remediation
Upgrade to the latest version of MITREid Connect
References
Related Vulnerabilities
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.14)
VMware vRealize Operations Server Side Request Forgery (SSRF) vulnerability
WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17669)
WordPress Plugin All in One Social Lite Server-Side Request Forgery (1.0)
WordPress Plugin HTTP Headers Multiple Vulnerabilities (1.9.1)