Server-Side Request Forgery

Description

The application is susceptible to Server-Side Request Forgery (SSRF), a high-risk vulnerability that allows attackers to make unauthorized requests to internal and external resources. This vulnerability arises when user-controlled input is not properly validated or sanitized before being used in requests to resources, enabling attackers to manipulate these requests for malicious purposes.

Remediation

Avoid using user-supplied data for constructing requests. If there is a business need for this, consider an allowlist approach and/or block requests to internal resources using firewall rules or a robust request library with anti-SSRF support.

Details

ID Aggregated CWE Type Risk
918.1 false 918 Active high