The host is installed with WSO2 API Manager 2.6.0 and is prone to an SSRF attack vulnerability. A flaw is present in the application, which fails to properly handle an issue caused by the existence of the file:// wrapper. Successful exploitation could allow attackers to force the application to perform requests to workstation or enumerate files.