CWE-918

2,678 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.


CVEs (2,678)

Each entry below lists the record's vendors and products (count in parentheses), the dates it was updated and published, and its CVSS scores by version, followed by the CVE description.

Vendors: Clippercms (1) · Products: Clippercms (1) · Updated: May 15, 2025 · Published: Oct 13, 2022 · CVSS: v3 9.8 CRITICAL (v4 N/A, v2 N/A)
ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url parameter at /manager/index.php.

Vendors: Idreamsoft (1) · Products: Icms (1) · Updated: May 15, 2025 · Published: Oct 13, 2022 · CVSS: v3 9.8 CRITICAL (v4 N/A, v2 N/A)
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.

Vendors: Clippercms (1) · Products: Clippercms (1) · Updated: May 15, 2025 · Published: Oct 13, 2022 · CVSS: v3 9.8 CRITICAL (v4 N/A, v2 N/A)
ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the rss_url_news parameter at /manager/index.php.

Vendors: Heartex (1) · Products: Label Studio (1) · Updated: Nov 21, 2024 · Published: Oct 3, 2022 · CVSS: v3 6.5 MEDIUM (v4 N/A, v2 N/A)
A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these versions of Label Studio, enabling a remote attacker to create a new account and then exploit the SSRF.

Vendors: Microsoft (1) · Products: Exchange Server (1) · Updated: Oct 30, 2025 · Published: Oct 3, 2022 · CVSS: v3 8.8 HIGH (v4 N/A, v2 N/A)
Microsoft Exchange Server Elevation of Privilege Vulnerability

Vendors: Ibm (1) · Products: Websphere Application Server (1) · Updated: May 20, 2025 · Published: Sep 28, 2022 · CVSS: v3 6.5 MEDIUM (v4 N/A, v2 N/A)
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.

Vendors: Wpexperts (1) · Products: Post Smtp (1) · Updated: May 21, 2025 · Published: Sep 26, 2022 · CVSS: v3 7.2 HIGH (v4 N/A, v2 N/A)
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.

Vendors: Nepxion (1) · Products: Discovery (1) · Updated: Nov 21, 2024 · Published: Sep 24, 2022 · CVSS: v3 7.5 HIGH (v4 N/A, v2 N/A)
Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate's getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds.

Vendors: Nuxtjs (1) · Products: Netlify Ipx (1) · Updated: Nov 21, 2024 · Published: Sep 23, 2022 · CVSS: v3 5.4 MEDIUM (v4 N/A, v2 N/A)
netlify-ipx is an on-demand image optimization for Netlify using ipx. In versions prior to 1.2.3, an attacker can bypass the source image domain allowlist by sending specially crafted headers, causing the handler to load and return arbitrary images. Because the response is cached globally, this image will then be served to visitors without requiring those headers to be set. XSS can be achieved by requesting a malicious SVG with embedded scripts, which would then be served from the site domain. Note that this does not apply to images loaded in `<img>` tags, as scripts do not execute in this context. The image URL can be set in the header independently of the request URL, meaning any site images that have not previously been cached can have their cache poisoned. This problem has been fixed in version 1.2.3. As a workaround, cached content can be cleared by re-deploying the site.

Vendors: Apache, Debian (2) · Products: Batik, Debian Linux (2) · Updated: Nov 3, 2025 · Published: Sep 22, 2022 · CVSS: v3 7.5 HIGH (v4 N/A, v2 N/A)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.

Vendors: Apache, Debian (2) · Products: Batik, Debian Linux (2) · Updated: Nov 3, 2025 · Published: Sep 22, 2022 · CVSS: v3 5.3 MEDIUM (v4 N/A, v2 N/A)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.

Vendors: Apache, Debian (2) · Products: Batik, Debian Linux (2) · Updated: Nov 3, 2025 · Published: Sep 22, 2022 · CVSS: v3 5.3 MEDIUM (v4 N/A, v2 N/A)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url through the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

Vendors: Zblogcn (1) · Products: Z Blogphp (1) · Updated: May 28, 2025 · Published: Sep 20, 2022 · CVSS: v3 9.8 CRITICAL (v4 N/A, v2 N/A)
A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter.

Vendors: Baijiacms Project (1) · Products: Baijiacms (1) · Updated: May 28, 2025 · Published: Sep 20, 2022 · CVSS: v3 8.8 HIGH (v4 N/A, v2 N/A)
A Server-Side Request Forgery (SSRF) in the fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.

Vendors: Tibco (1) · Products: Spotfire Analytics Platform, Spotfire Server (2) · Updated: May 28, 2025 · Published: Sep 20, 2022 · CVSS: v3 8.4 HIGH (v4 N/A, v2 N/A)
The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery (SSRF) on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: version 12.0.0 and TIBCO Spotfire Server: version 12.0.0.

Vendors: Nextcloud (1) · Products: Nextcloud Enterprise Server, Nextcloud Server (2) · Updated: Nov 21, 2024 · Published: Sep 16, 2022 · CVSS: v3 5.3 MEDIUM (v4 N/A, v2 N/A)
Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.10.4, 23.0.8 or 24.0.4. There are no known workarounds for this issue.

Vendors: Craw Data Project (1) · Products: Craw Data (1) · Updated: Jun 3, 2025 · Published: Sep 16, 2022 · CVSS: v3 4.3 MEDIUM (v4 N/A, v2 N/A)
The Craw Data WordPress plugin through 1.0.0 does not implement nonce checks, which could allow attackers to make a logged in admin change the url value, performing unwanted crawls on third-party sites (SSRF).

Vendors: Glpi Project (1) · Products: Glpi (1) · Updated: Nov 21, 2024 · Published: Sep 14, 2022 · CVSS: v3 5.8 MEDIUM (v4 N/A, v2 N/A)
GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or external calendar in planning is subject to SSRF exploit. Server-side requests can be used to scan server ports or services opened on the GLPI server or its private network. Query responses are not exposed to the end-user (blind SSRF). Users are advised to upgrade to version 10.0.3 to resolve this issue. There are no known workarounds.

Vendors: Parse Url Project (1) · Products: Parse Url (1) · Updated: Nov 21, 2024 · Published: Sep 14, 2022 · CVSS: v3 9.1 CRITICAL (v4 N/A, v2 N/A)
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.

Vendors: Appsmith (1) · Products: Appsmith (1) · Updated: Nov 21, 2024 · Published: Sep 12, 2022 · CVSS: v3 8.8 HIGH (v4 N/A, v2 N/A)
Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint.