Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2021-20421 Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
4.0
2022-06-24 CVE-2021-20544 Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
4.0
2022-06-23 CVE-2022-34011 Server-Side Request Forgery (SSRF) vulnerability in Zhyd Oneblog 2.3.4
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls.
network
low complexity
zhyd CWE-918
4.0
2022-06-23 CVE-2022-34013 Server-Side Request Forgery (SSRF) vulnerability in Zhyd Oneblog 2.3.4
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module.
network
low complexity
zhyd CWE-918
4.0
2022-06-22 CVE-2022-23080 Server-Side Request Forgery (SSRF) vulnerability in Rangerstudio Directus
In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.
network
low complexity
rangerstudio CWE-918
4.0
2022-06-21 CVE-2021-36761 Server-Side Request Forgery (SSRF) vulnerability in Qlik Sense April2020
The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF.
network
low complexity
qlik CWE-918
5.0
2022-06-19 CVE-2022-23071 Server-Side Request Forgery (SSRF) vulnerability in Tandoor Recipes
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality.
network
low complexity
tandoor CWE-918
4.0
2022-06-15 CVE-2021-41403 Server-Side Request Forgery (SSRF) vulnerability in Flatcore Flatcore-Cms 2.0.8
flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery vulnerabilities.
network
low complexity
flatcore CWE-918
7.5
2022-06-14 CVE-2022-29612 Server-Side Request Forgery (SSRF) vulnerability in SAP Host Agent and Netweaver Abap
SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, 8.04, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, 8.04, SAPHOSTAGENT 7.22, allows an authenticated user to misuse a function of sapcontrol webfunctionality(startservice) in Kernel which enables malicious users to retrieve information.
network
low complexity
sap CWE-918
4.0
2022-06-13 CVE-2021-40604 Server-Side Request Forgery (SSRF) vulnerability in Invisioncommunity IPS Community Suite
A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via phar protocol when generating class names dynamically.
network
low complexity
invisioncommunity CWE-918
6.4