SSRF issue exists @ webgoat-lessons/ssrf/src/main/java/org/owasp/webgoat/ssrf/SSRFTask2.java in branch develop
The application sends a request to a remote server, for some resource, using openStream in webgoat-lessons\ssrf\src\main\java\org\owasp\webgoat\ssrf\SSRFTask2.java:50. However, an attacker can control the target of the request, by sending a URL or other data in url at webgoat-lessons\ssrf\src\main\java\org\owasp\webgoat\ssrf\SSRFTask2.java:50.
SSRF issue exists @ webgoat-lessons/ssrf/src/main/java/org/owasp/webgoat/ssrf/SSRFTask2.java in branch develop
The application sends a request to a remote server, for some resource, using openStream in webgoat-lessons\ssrf\src\main\java\org\owasp\webgoat\ssrf\SSRFTask2.java:50. However, an attacker can control the target of the request, by sending a URL or other data in url at webgoat-lessons\ssrf\src\main\java\org\owasp\webgoat\ssrf\SSRFTask2.java:50.
Severity: Medium
CWE:918
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: 51 46
Code (Line #51):
Code (Line #46):