A reverse proxy uses the values of an HTTP request to route the request. Due to the proxy's insecure configuration, it leads to SSRF vulnerability. SSRF as in Server Side Request Forgery is a vulnerability that allows an attacker to force a server into sending requests to arbitrary hosts, including cloud metadata endpoints.


Restrict the reverse proxy to route to arbitrary hosts


Related Vulnerabilities