Server-Side Request Forgery in scout in clinical-genomics/scout
CVE-2022-1592
9.4CRITICAL
What is CVE-2022-1592?
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
Affected Version(s)
clinical-genomics/scout < unspecified
References
CVSS V3.1
Score:
9.4
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved