SSRF Vulnerability in OutSystems Platform Server and LifeTime Management Console
CVE-2021-29357 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.
Learn more about our Cis Benchmark Audit For Server Software.