Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,678)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-4335 1Gitlab 1Gitlab Mar 28, 2025 Jan 27, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host.
CVE-2023-24060 1Havenweb 1Haven Mar 27, 2025 Jan 27, 2023 N/A· v4 5.0 MEDIUM· v3 N/A· v2 Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the...Show more Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch.Show less
CVE-2023-24495 1Tenable 1Tenable.sc Mar 27, 2025 Jan 26, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and int...Show more A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.Show less
CVE-2022-46998 1Taogogo 1Taocms Apr 1, 2025 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF).
CVE-2023-23560 1Lexmark 128B2236 Firmware B2338 FirmwareB2442 Firmware+125 more Apr 2, 2025 Jan 23, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
CVE-2021-43449 1Onlyoffice 1Server Apr 2, 2025 Jan 23, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The document editor service can be abused to read and serve arbitrary URLs as a document.
CVE-2021-37498 1Reprisesoftware 1Reprise License Manager Apr 30, 2025 Jan 20, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in...Show more An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function.Show less
CVE-2023-20002 1Cisco 2Roomos Telepresence Collaboration Endpoint Nov 21, 2024 Jan 20, 2023 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to i...Show more A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected system.Show less
CVE-2022-45926 1Opentext 1Opentext Extended Ecm Apr 4, 2025 Jan 18, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports.
CVE-2023-22493 1Rsshub 1Rsshub Nov 21, 2024 Jan 13, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 RSSHub is an open source RSS feed generator. RSSHub is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers or r...Show more RSSHub is an open source RSS feed generator. RSSHub is vulnerable to Server-Side Request Forgery (SSRF) attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers or resources on the network. An attacker can exploit this vulnerability by sending a request to the affected routes with a malicious URL. An attacker could also use this vulnerability to send requests to internal or any other servers or resources on the network, potentially gain access to sensitive information that would not normally be accessible and amplifying the impact of the attack. The patch for this issue can be found in commit a66cbcf. Show less
CVE-2022-3841 1Redhat 1Advanced Cluster Management For Kubernetes Apr 9, 2025 Jan 13, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker c...Show more RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauthenticated users making requests.Show less
CVE-2022-25026 1Rocketsoftware 1Trufusion Enterprise Apr 8, 2025 Jan 12, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProx...Show more A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProxy.Show less
CVE-2023-21761 1Microsoft 1Exchange Server Nov 21, 2024 Jan 10, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-39039 1Aenrich 1A+hrd Nov 21, 2024 Jan 3, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack...Show more aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt service.Show less
CVE-2022-45027 1Perfsonar 1Perfsonar Apr 11, 2025 Jan 1, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.
CVE-2017-20157 1Ariadne Cms 1Ariadne Component Library Nov 21, 2024 Dec 31, 2022 N/A· v4 9.8 CRITICAL· v3 5.2 MEDIUM· v2 A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Up...Show more A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217140.Show less
CVE-2022-38212 1Esri 1Portal For Arcgis Nov 21, 2024 Dec 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge reques...Show more Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38203.Show less
CVE-2022-38211 1Esri 1Portal For Arcgis Nov 21, 2024 Dec 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.9.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge reques...Show more Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.9.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38212.Show less
CVE-2022-38203 1Esri 1Portal For Arcgis Nov 21, 2024 Dec 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge reques...Show more Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38212.Show less
CVE-2022-23544 1Metersphere 1Metersphere Nov 21, 2024 Dec 28, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery tha...Show more MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery that leads to Cross-Site Scripting. A Server-Side request forgery in `IssueProxyResourceService::getMdImageByUrl` allows an attacker to access internal resources, as well as executing JavaScript code in the context of Metersphere's origin by a victim of a reflected XSS. This vulnerability has been fixed in v2.5.0. There are no known workarounds. Show less

Previous 1...969798...134 Next