Vulnerabilities > CVE-2022-44730 - Server-Side Request Forgery (SSRF) vulnerability in multiple products

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
local
low complexity
apache
debian
CWE-918

Summary

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Vulnerable Configurations

Part Description Count
Application
Apache
1
OS
Debian
1

Common Weakness Enumeration (CWE)