Apache Dubbo Open Redirect and SSRF Vulnerability
CVE-2021-25640 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability.
Learn more about our Cis Benchmark Audit For Apache Http Server.