CVE-2022-44730

Summary

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache XML Graphics Batik1.16affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References