SSRF Vulnerability in OutSystems Platform Server and LifeTime Management Console

SSRF Vulnerability in OutSystems Platform Server and LifeTime Management Console

CVE-2021-29357 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.

Learn more about our Cis Benchmark Audit For Server Software.