Date: Sep 9, 2021, 9:23:47 AM
Date: Sep 30, 2021, 12:41:23 PM
Name: A10:2021 – Server-Side Request Forgery (SSRF)
Name: A10:2021 – Server-Side Request Forgery (SSRF)
Description: SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.
Description: SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.
t | 1 | {} | t | 1 | { |
2 | "authors": [ | ||||
3 | "https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_(SSRF)" | ||||
4 | ], | ||||
5 | "code": "A10:2021", | ||||
6 | "description": "SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.", | ||||
7 | "label": "Server-Side Request Forgery (SSRF)", | ||||
8 | "language": "EN", | ||||
9 | "uuid": "428b0104-3d21-4d6d-872a-d728db617fdf" | ||||
10 | } |