server-side request forgery (ssrf)
Server-side request forgery (SSRF) refers to a security vulnerability where an attacker tricks a server into making requests on its behalf, potentially to access or manipulate internal resources that should not be publicly accessible.
Requires login.
Related Concepts (27)
- binary planting (also known as dll preloading or dll sideloading)
- client-side code injection
- code injection
- command injection
- cross-site request forgery (csrf)
- cross-site scripting (xss)
- directory traversal
- dns rebinding
- file inclusion vulnerabilities
- html injection
- http parameter pollution (hpp)
- injection attacks
- local file inclusion (lfi)
- open redirects
- remote file inclusion (rfi)
- ruby code injection
- script injection
- security misconfigurations
- server-side code injection
- server-side request smuggling (ssrs)
- server-side template injection (ssti)
- server-side xml injection
- unrestricted file uploads
- web application exploitation
- web cache poisoning
- xml external entity (xxe) injection
- xml injection
Similar Concepts
- cross-site request forgery (csrf) attacks
- cross-site request forgery (csrf) authentication bypass
- cross-site request forgery (csrf) prevention
- cross-site request forgery (csrf) vulnerabilities
- cross-site scripting
- cross-site scripting (xss) attacks
- cross-site scripting (xss) authentication bypass
- cross-site scripting (xss) vulnerabilities
- csrf (cross-site request forgery)
- server side code injection
- server side request forgery (ssrf)
- server-side request forgery (ssrf) via file upload
- server-side request forgery (ssrf) vulnerabilities
- server-side security measures
- server-side vulnerabilities