Description
Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-40890 | Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint. |
References
| Link | Providers |
|---|---|
| https://github.com/appsmithorg/appsmith/pull/15782 |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T10:54:02.812Z
Reserved: 2022-08-15T00:00:00.000Z
Link: CVE-2022-38298
No data.
Status : Modified
Published: 2022-09-12T22:15:08.650
Modified: 2026-06-17T04:56:23.943
Link: CVE-2022-38298
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-918
Server-Side Request Forgery (SSRF)
EUVD