Vulnerabilities / Server-side request forgery
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
PCI-DSS -> 6.5.1
ISO27001 -> A.5.33, A.5.34, A.8.3, A.8.4, A.8.12, A.8.26
In a Server-side request forgery (SSRF) attack, the attacker tricks the vulnerable application into sending a request, crafted by the attacker, to a destination of the attacker's choosing, typically an internal application or service. Because the request originates from the server, it reaches hosts that are unreachable from the attacker's own position (internal networks, loopback services, cloud metadata endpoints), and its response may leak information back to the attacker. The same technique can trigger actions on those internal applications, bypassing the protection they rely on of only being reachable from inside the network.
How to fix
The best strategy is to apply an allowlist to the identified vulnerable parameter: the server issues requests only to URLs, or to hosts, that appear on a fixed list of permitted destinations. Where a fixed list is impractical, the filter can instead accept URLs that match allowed patterns, but the check should be made on the parsed components of the URL (scheme, host, port) rather than on the raw string, since patterns matched against the string are easily bypassed with credentials in the URL, alternate encodings or an allowed prefix followed by an unexpected host. Because an allowed hostname can still be pointed at an internal address, or an allowed server can redirect to one, resolve the host and reject internal address ranges, and do not follow redirects. If filters are already in place, review and refine them to be more effective.