- Vulnerability: Server-Side Request Forgery
- Severity: Medium
- Project: Talend/component-runtime
- Branch: master
- Scan Date: Unknown
org.apache.xmlgraphics:batik-bridge is vulnerable to server-side request forgery. The vulnerability exists in `DefaultExternalResourceSecurity` because the constructor logic does not properly restrict external resources, which allows remote attackers to cause SSRF bypass and gain access to confidential information.