Server-side request forgery (SSRF) - PortSwigger Server-side request forgery is a web security vulnerability that allows an attacker to cause the server-side application to make requests to an unintended location In a typical SSRF attack, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure
SSRF Attacks Explained: How They Work How to Prevent - Intigriti TL;DR: An SSRF vulnerability allows an attacker to send requests from an asset behind the firewall This enables an adversary to potentially access otherwise locked down applications and allows for confidential data extraction
Server Side Request Forgery (SSRF) Attacks How to Prevent Them Server-Side Request Forgery (SSRF) attacks allow an attacker to make requests to any domains through a vulnerable server Attackers achieve this by making the server connect back to itself, to an internal service or resource, or to its own cloud provider
Server-Side Request Forgery (SSRF) Attack Explained: Definition, Types . . . A Server-Side Request Forgery attack (SSRF) is a web app vulnerability that hackers use to bypass firewall or VPN protection of internal systems An SSRF attack can enable malicious actors to access sensitive data or gain control of other systems
What is server-side request forgery (SSRF)? - Acunetix SSRF vulnerabilities let an attacker send crafted requests from the back-end server of a vulnerable application Criminals usually use SSRF attacks to target internal systems that are behind firewalls and are not accessible from the external network