Download
| Alert*
oval:org.secpod.oval:def:1901782
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 . Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL. oval:org.secpod.oval:def:2000659 SSRF issue |