CVE-2022-1592: Server-Side Request Forgery (SSRF)
(updated )
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss…
References
- github.com/Clinical-Genomics/scout/issues/3325
- github.com/Clinical-Genomics/scout/pull/3326
- github.com/advisories/GHSA-g53g-q539-93cv
- github.com/clinical-genomics/scout/commit/b0ef15f4737d0c801154c1991b52ff5cab4f5c83
- huntr.dev/bounties/352b39da-0f2e-415a-9793-5480cae8bd27
- nvd.nist.gov/vuln/detail/CVE-2022-1592
Code Behaviors & Features
Detect and mitigate CVE-2022-1592 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →