CVE-2022-25850

Summary

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server.

Affected Software

VendorProductVersion RangeStatus
n/agithub.com/hoppscotch/proxyscotchunspecified < 1.0.0affected

Weaknesses

  • Server-side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References