CVE-2022-38299
Published
CVSS v3
4.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attackers to connect disallowed hosts to the AWS/GCP internal metadata endpoint.
Platform to build admin panels, internal tools, and dashboards. Integrates with 25+ databases and any API.
GitHub