all InfoSec news
OWASP API7:2023 Server Side Request Forgery(SSRF)
DEV Community dev.to
Server-Side Request Forgery (SSRF) flaws occur when an API is fetching a remote resource without validating the user-supplied URL. It enables an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall or a VPN.
SSRF in Modern Application 🚀
Modern concepts in application development make SSRF more common and more dangerous.
More common - the following concepts encourage developers to access an external resource based on user input: Webhooks, …
api application attacker beginners coerce concepts cybersecurity devsecops firewall flaws forgery owasp request resource send server server side server-side request forgery ssrf url vpn