hoppscotch/proxyscotch

Releases5

Frequency1 year 2 months

Last Release over 1 year ago

Stars417

📡 A simple proxy server created for https://hoppscotch.io

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25850 ↗	May 1, 2022Sunday, 1 May 2022, 16:15	7.5 HIGH	5 MEDIUM
The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information from the server.