Severity: Critical
CVSS Score: 9.1
The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request.