Apache Dubbo Open Redirect and SSRF Vulnerability

Apache Dubbo Open Redirect and SSRF Vulnerability

CVE-2022-24969 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability.

Learn more about our Cis Benchmark Audit For Apache Http Server.