Unknown · Krakend-Ce · CVE-2022-1561
**Name of the Vulnerable Software and Affected Versions**
Lura versions prior to 2.0.2
KrakenD-CE versions prior to 2.0.2
KrakenD-EE versions prior to 2.0.0
**Description**
The issue arises from incorrect sanitization of URL parameters, allowing malicious users to alter the backend URL defined for a pipe when remote users send specially crafted URL requests. This does not affect KrakenD itself but may impact the consumed backend.
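The sanitization step the description refers to can be illustrated with the following added example, which is not code from Lura or KrakenD and is not their actual patch: a gateway-side check that only lets a URL parameter into the backend URL when it remains a single, inert path segment. The `{id}` placeholder syntax, the host name `backend.internal`, and the function names `cleanParam` and `buildBackendURL` are assumptions made for illustration. The page does not describe the crafted request itself, so the rejected values are constructed samples of parameters that would change URL structure.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// cleanParam fully decodes a captured URL parameter and returns it only if it
// is a single, inert path segment. Three decoding rounds catch double encoding;
// anything still carrying '%' afterwards is refused.
func cleanParam(v string) (string, error) {
	for i := 0; i < 3; i++ {
		d, err := url.PathUnescape(v)
		if err != nil {
			return "", fmt.Errorf("malformed escape in %q", v)
		}
		v = d
	}
	if v == "" || v == "." || v == ".." || strings.ContainsAny(v, "/\\?#%") {
		return "", fmt.Errorf("parameter %q would change the backend URL", v)
	}
	for _, r := range v {
		if r < 0x20 || r == 0x7f {
			return "", fmt.Errorf("control character in parameter")
		}
	}
	return v, nil
}

// buildBackendURL fills {name} placeholders (assumed template syntax) with
// validated, re-escaped values so each one stays inside its own path segment.
func buildBackendURL(host, pattern string, params map[string]string) (string, error) {
	for name, raw := range params {
		v, err := cleanParam(raw)
		if err != nil {
			return "", fmt.Errorf("%s: %w", name, err)
		}
		pattern = strings.ReplaceAll(pattern, "{"+name+"}", url.PathEscape(v))
	}
	return host + pattern, nil
}

func main() {
	// Constructed inputs: one ordinary value and two that must be refused.
	for _, id := range []string{"42", "..%2Fadmin", "%252e%252e"} {
		u, err := buildBackendURL("http://backend.internal", "/users/{id}/profile", map[string]string{"id": id})
		fmt.Printf("%-12q -> %q (err: %v)\n", id, u, err)
	}
}
```

A check of this kind in front of a gateway is defence in depth only; the fix for the affected products is the version upgrade listed under Recommendations.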
**Recommendations**
For Lura versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue.
For KrakenD-CE versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue.
For KrakenD-EE versions prior to 2.0.0, update to version 2.0.0 or later to resolve the issue.