WPS Server Side Request Forgery vulnerability
Summary The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. Details This vulnerability requires: The WPS extension to be installed The WPS security setting "Disable complex inputs" to be unselected Security URL checks to be disabled Impact This vulnerability presents the opportunity for Server Side Request Forgery. Mitigation The ability …