VYPR

CWE-918

Server-Side Request Forgery (SSRF)

Base · Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

page 24 of 80
  • CVE-2024-6922 · Med · Jul 26, 2024
    risk 0.47 · cvss (none listed) · epss 0.30

    Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from…

  • CVE-2024-41668 · High · Jul 23, 2024
    risk 0.47 · cvss 8.3 · epss 0.01

    The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF)…

  • CVE-2024-34581 · High · Jun 26, 2024
    risk 0.47 · cvss 7.3 · epss 0.00

    The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and…

  • CVE-2024-33250 · High · May 14, 2024
    risk 0.47 · cvss 7.2 · epss 0.01

    An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request.

  • CVE-2024-31288 · High · Apr 7, 2024
    risk 0.47 · cvss 7.2 · epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize. This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11.

  • CVE-2024-27775 · High · Mar 28, 2024
    risk 0.47 · cvss 7.2 · epss 0.01

    SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash

  • CVE-2023-49159 · High · Dec 15, 2023
    risk 0.47 · cvss 7.2 · epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv. This issue affects CommentLuv: from n/a through 3.0.4.

  • CVE-2023-3025 · High · Sep 16, 2023
    risk 0.47 · cvss 7.2 · epss 0.00

    The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application…

  • CVE-2020-11988 · High · Feb 24, 2021
    risk 0.47 · cvss 8.2 · epss 0.07

    Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET…

  • CVE-2020-11987 · High · Feb 24, 2021
    risk 0.47 · cvss 8.2 · epss 0.14

    Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

  • CVE-2020-14044 · High · Aug 24, 2020
    risk 0.47 · cvss 7.2 · epss 0.03

    ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This…

  • CVE-2018-13790 · High · Jul 9, 2018
    risk 0.47 · cvss 7.2 · epss 0.01

    A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.

  • CVE-2017-18096 · High · Apr 4, 2018
    risk 0.47 · cvss 7.2 · epss 0.01

    The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF)…

  • CVE-2018-1000056 · High · Feb 9, 2018
    risk 0.47 · cvss 8.3 · epss 0.01

    Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service…

  • CVE-2017-14585 · High · Nov 27, 2017
    risk 0.47 · cvss 7.2 · epss 0.04

    A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was introduced in version 2.2.0 of Hipchat Server and version 3.0.0 of Hipchat Data Center. Versions of Hipchat Server starting with 2.2.0 and…

  • CVE-2015-8813 · High · Mar 3, 2017
    risk 0.47 · cvss 8.2 · epss 0.12

    The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.

  • CVE-2026-46393 · High · Jun 5, 2026
    risk 0.46 · cvss (none listed) · epss 0.00

    HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a…

  • CVE-2026-7325 · High · May 22, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. …

  • CVE-2026-43993 · High · May 12, 2026
    risk 0.46 · cvss 8.2 · epss 0.00

    JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in…

  • CVE-2026-42260 · High · May 12, 2026
    risk 0.46 · cvss 8.2 · epss 0.00

    Open-WebSearch is a multi-engine MCP server, CLI, and local daemon for agent web search and content retrieval. Prior to 2.1.7, isPublicHttpUrl / assertPublicHttpUrl in src/utils/urlSafety.ts do not recognize bracketed IPv6 literals and do not resolve DNS, which combine to allow…