VYPR

CWE-918

Server-Side Request Forgery (SSRF)

Abstraction: Base
Status: Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
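The description names the defect but not the checks that close it. The following guard is an added example written for this page; it is not code from VYPR or from any product listed below. It validates the scheme, port and resolved addresses of every destination and repeats that validation on each redirect hop. The resolver and fetcher are injected stand-ins so it runs offline, and the allowed schemes and ports, the blocked ranges and the DNS table are assumptions.

```python
"""SSRF destination guard: validate every URL the server is asked to fetch,
and every redirect hop, before any connection is made.
Added example, not code from the VYPR page or from any listed product. Resolver
and fetcher are injected so it runs offline; allowed schemes and ports, blocked
ranges and the constructed DNS table are assumptions."""
import ipaddress
from urllib.parse import urljoin, urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: no file://, gopher://, ftp://, dict://
ALLOWED_PORTS = {80, 443}            # assumption: only standard web ports
MAX_REDIRECTS = 3

# Ranges a server-side fetcher must never reach on a client's behalf: loopback,
# RFC 1918, link-local (cloud metadata at 169.254.169.254), CGNAT, multicast,
# reserved, and the IPv6 equivalents.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def ip_is_blocked(addr: str) -> bool:
    # IPv4-mapped IPv6 (::ffff:127.0.0.1) is unwrapped and judged as IPv4.
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)

def check_destination(url: str, resolve) -> list:
    """Validate scheme, port and the *resolved* addresses of `url`; return the
    addresses to connect to or raise ValueError. `resolve(host)` -> list of IPs."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # strips userinfo ("trusted.example@") and IPv6 brackets
    if not host:
        raise ValueError("missing host")
    port = parts.port or (443 if scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")
    try:  # literal address: judge it directly
        addrs = [str(ipaddress.ip_address(host))]
    except ValueError:  # hostname: judge what it resolves to, never its spelling
        addrs = resolve(host)  # covers "0x7f000001", "127.1", rebinding names
    if not addrs:
        raise ValueError(f"unresolvable host: {host!r}")
    for addr in addrs:
        if ip_is_blocked(addr):
            raise ValueError(f"{host!r} resolves to blocked address {addr}")
    return addrs

def fetch_checked(url: str, resolve, fetch, max_redirects: int = MAX_REDIRECTS):
    """Fetch `url`, re-validating each redirect target. `fetch(url, pinned_ip)`
    returns (status, headers, body); it must not follow redirects itself and must
    connect to `pinned_ip`, the address that was checked, so a changed DNS answer
    cannot slip in between check and use."""
    for _ in range(max_redirects + 1):
        addrs = check_destination(url, resolve)
        status, headers, body = fetch(url, addrs[0])
        if status in (301, 302, 303, 307, 308) and "location" in headers:
            url = urljoin(url, headers["location"])  # relative Location resolved against this hop
            continue
        return status, body
    raise ValueError("too many redirects")

# Constructed DNS table and fake origins so the demo runs offline (not real data).
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "rebind.test": ["10.0.0.5"],  # public name answering with an internal address
    "hop.test": ["203.0.113.10"],
}
FAKE_ORIGINS = {
    "http://example.com/": (200, {}, b"public page"),
    # open redirect on an allowed host, pointing at the cloud metadata service
    "http://hop.test/": (302, {"location": "http://169.254.169.254/latest/meta-data/"}, b""),
}

def fake_resolve(host: str) -> list:
    return FAKE_DNS.get(host, [])

def fake_fetch(url: str, pinned_ip: str):
    return FAKE_ORIGINS.get(url, (404, {}, b""))

def demo() -> dict:
    """Run attacker-style URLs through the guard; map each URL to its outcome."""
    outcomes = {}
    for u in ("http://example.com/", "http://169.254.169.254/latest/meta-data/",
              "http://[::1]/admin", "file:///etc/passwd", "http://example.com@127.0.0.1/",
              "http://rebind.test/", "http://hop.test/", "http://example.com:8080/"):
        try:
            status, _ = fetch_checked(u, fake_resolve, fake_fetch)
            outcomes[u] = f"allowed ({status})"
        except ValueError as err:
            outcomes[u] = f"blocked: {err}"
    return outcomes
```

Three design points matter more than the exact range list. The check is applied to what the name resolves to, not to its spelling, because system resolvers accept forms such as 0x7f000001 or 127.1 that a string filter misses. The address that passed the check is the one the client is told to connect to, which closes the DNS-rebinding window between check and use. Redirects are never followed by the HTTP client itself; every Location target goes back through the same check, which is the case the Firecrawl entry below (CVE-2024-56800) describes. Where the set of legitimate destinations is known in advance, an allowlist of hosts replaces this denylist entirely.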

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664: Server Side Request Forgery

CVEs mapped to this weakness (1,583)

page 40 of 80
  • CVE-2025-8527 (Medium, Aug 4, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation…

  • CVE-2025-8228 (Medium, Jul 27, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.01

    A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forgery. The attack may be…

  • CVE-2025-8133 (Medium, Jul 25, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This affects the function getArticle of the file app/modules/api/service/gather.js. The manipulation of the argument targetUrl leads to server-side request forgery. It is possible to…

  • CVE-2025-7787 (Medium, Jul 18, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery. It is…

  • CVE-2025-7759 (Medium, Jul 17, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was identified in thinkgem JeeSite up to 5.12.0. This vulnerability affects unknown code of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. Such manipulation of the argument Source leads to…

  • CVE-2025-50125 (Medium, Jul 11, 2025)
    risk 0.41, CVSS not listed, EPSS 0.00

    A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation of host request header.

  • CVE-2025-7103 (Medium, Jul 7, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue affects some unknown processing of the file /application/pay/controller/Index.php of the component curl. The manipulation leads to server-side request forgery. The attack may be…

  • CVE-2025-6762 (Medium, Jun 27, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate…

  • CVE-2025-6517 (Medium, Jun 23, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-webs\maxkey-web-mgt\src\main\java\org\dromara\maxkey\web\apps\contorller\SAML20DetailsController.java of the component Meta URL Handler. The…

  • CVE-2025-6142 (Medium, Jun 16, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument 29chcotoo9 leads to server-side request forgery. The attack can be launched remotely. The…

  • CVE-2025-5276 (High, May 29, 2025)
    risk 0.41, CVSS 7.4, EPSS 0.00

    Versions of the package mcp-markdownify-server before 1.0.0 are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown,…

  • CVE-2025-5140 (Medium, May 25, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System up to 8.1 SP2. This affects the function this.oursNetService.getData of the file com\ours\www\ehr\openPlatform1\open4ClientType\controller\ThirdMenuController.class. The…

  • CVE-2025-28093 (Medium, Mar 28, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings.

  • CVE-2025-28092 (Medium, Mar 28, 2025)
    risk 0.41, CVSS 6.3, EPSS 0.00

    ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.

  • CVE-2024-56800 (High, Dec 30, 2024)
    risk 0.41, CVSS 7.4, EPSS 0.00

    Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery (SSRF) vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to…

  • CVE-2024-22219 (Medium, Aug 15, 2024)
    risk 0.41, CVSS 6.3, EPSS 0.00

    XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code…

  • CVE-2024-38514 (High, Jun 28, 2024)
    risk 0.41, CVSS 7.4, EPSS 0.02

    NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable…

  • CVE-2024-33832 (Medium, Apr 30, 2024)
    risk 0.41, CVSS 6.3, EPSS 0.01

    OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /index.php?c=api&method=get_link_info.

  • CVE-2024-1233 (High, Apr 9, 2024)
    risk 0.41, CVSS 7.3, EPSS 0.01

    A flaw was found in `JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends an HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request…

  • CVE-2023-7037 (Medium, Dec 21, 2023)
    risk 0.41, CVSS 6.3, EPSS 0.00

    A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated…
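Two entries above (CVE-2025-6762 and CVE-2025-50125) describe a variant in which the attacker controls not a URL parameter but the Host request header, which the application then uses to build the absolute URL of a request it makes to itself. The following Python is an added example written for this page, not code from VYPR or from either product: it shows the trusting construction beside a hardened one that accepts only a fixed allowlist of canonical host names. The host list, header names and the fake fetcher are assumptions.

```python
"""Host-header SSRF: the application derives its own base URL from the
client-controlled Host header and then makes a server-side request to it.
Added example, not code from the page or from any listed product; the
canonical host list, header names and fake fetcher are assumptions."""

CANONICAL_HOSTS = {"app.example.com", "app.example.com:443"}  # assumption: the deployment's real names

def base_url_vulnerable(headers: dict) -> str:
    # Trusts Host verbatim: "Host: 169.254.169.254" or "Host: internal-admin:8080"
    # turns the app's own follow-up request into a request to that target.
    return "https://" + headers.get("host", "")

def base_url_hardened(headers: dict, canonical=CANONICAL_HOSTS) -> str:
    # Compare the header against a fixed allowlist and never build URLs from it
    # otherwise. The same rule applies to X-Forwarded-Host unless a trusted
    # proxy in front of the app is known to overwrite it.
    host = headers.get("host", "").strip().lower()
    if host not in canonical:
        raise ValueError(f"unexpected Host header: {host!r}")
    return "https://" + host

def call_own_api(headers: dict, path: str, base_url_fn, fetch) -> str:
    """Typical sink: the app calls one of its own endpoints by absolute URL."""
    return fetch(base_url_fn(headers) + path)

def fake_fetch(url: str) -> str:
    return f"GET {url}"  # records the destination instead of connecting (constructed)

def demo() -> dict:
    attacker = {"host": "169.254.169.254"}  # constructed attacker request
    out = {"vulnerable": call_own_api(attacker, "/latest/meta-data/", base_url_vulnerable, fake_fetch)}
    try:
        call_own_api(attacker, "/latest/meta-data/", base_url_hardened, fake_fetch)
        out["hardened"] = "allowed"
    except ValueError as err:
        out["hardened"] = f"blocked: {err}"
    out["legit"] = call_own_api({"host": "app.example.com"}, "/api/ping", base_url_hardened, fake_fetch)
    return out
```

The hardened form is deliberately an allowlist rather than a pattern check: an application knows its own canonical names, so anything else in Host is either a misrouted request or an attack and should not influence any URL the server constructs.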