Description

SSRF as in Server Side Request Forgery is a vulnerability that allows an attacker to force server interfaces into sending packets initiated by the victim server to the local interface or to another server behind the firewall. Consult Web References for more information about this problem.

Remediation

Your script should properly sanitize user input.

References

SSRF VS. BUSINESS-CRITICAL APPLICATIONS

Related Vulnerabilities

WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Multiple Vulnerabilities (3.3.0)

WordPress Plugin Dropbox Folder Share Server-Side Request Forgery (1.9.7)

WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17670)

Skype for Business SSRF (CVE-2023-41763)

WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Server-Side Request Forgery (3.4.3)

Severity

Critical

Classification

CWE-918 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

SSRF