CVE-2022-44730 Information

Description

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Reference

https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0 https://xmlgraphics.apache.org/security.html