CVE-2019-17566 Information

Description

Apache Batik is vulnerable to server-side request forgery caused by improper input validation by the \xlink:href\ attributes. By using a specially-crafted argument an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

Reference

https://xmlgraphics.apache.org/security.html