CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Official CWE-918 definition at MITREImpactr finds and proves weaknesses like CWE-918 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist