apache batik CVE-2020-11987 vulnerability in Apache and Other Products
Published on February 24, 2021

product logo product logo product logo product logo product logo
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

Vendor Advisory Vendor Advisory Vendor Advisory NVD


Products Associated with CVE-2020-11987

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-11987 are published in these products:

Apache Batik
 
Fedora Project Fedora
 
Oracle Communications Application Session Controller
 
Oracle Communications Metasolv Solution
 
Oracle Communications Offline Mediation Controller
 
Oracle Enterprise Repository
 
Oracle Flexcube Universal Banking
 
Oracle Fusion Middleware Mapviewer
 
Oracle Instantis Enterprisetrack
 
Oracle Insurance Policy Administration
 
Oracle Retail Back Office
 
Oracle Retail Central Officeretail Back Office
 
Oracle Retail Order Broker
 
Oracle Retail Order Management System Cloud Service
 
Oracle Retail Point Of Service
 
Oracle Retail Returns Management
 
Oracle Retail Central Office
 
Oracle Banking Apis
 
Oracle Banking Digital Experience
 
Canonical Ubuntu Linux
 
Oracle Weblogic Server
 
Oracle Agile Engineering Data Management
 
Oracle Product Lifecycle Analytics
 
Debian Linux
 

Exploit Probability

EPSS
1.36%
Percentile
79.89%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.