Server-Side Request Forgery (SSRF)
WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet.
Advisories for Maven/Org.wso2.am/Am-Parent package
2022