Date: Sep 9, 2021, 9:23:47 AM
Date: Sep 30, 2021, 12:41:23 PM
Name: A10:2021 – Server-Side Request Forgery (SSRF)
Name: A10:2021 – Server-Side Request Forgery (SSRF)
Description: SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.
Description: SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.
| t | 1 | {} | t | 1 | { |
| 2 | "authors": [ | ||||
| 3 | "https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_(SSRF)" | ||||
| 4 | ], | ||||
| 5 | "code": "A10:2021", | ||||
| 6 | "description": "SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network ACL.", | ||||
| 7 | "label": "Server-Side Request Forgery (SSRF)", | ||||
| 8 | "language": "EN", | ||||
| 9 | "uuid": "428b0104-3d21-4d6d-872a-d728db617fdf" | ||||
| 10 | } |