Reply-To: d...@servicecomb.apache.org Subject: CVE-2023-44313: Apache ServiceComb Service-Center: attacker can perform SSRF through the frontend API
Affected versions: - Apache ServiceComb Service-Center through 2.1.0 Description: Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue. Credit: 苏 安 <suanw...@hotmail.com> (finder) References: https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5r https://servicecomb.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-44313