Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-12 | CVE-2024-39338 | Server-Side Request Forgery (SSRF) vulnerability in Axios 1.5.1 axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. | 7.5 |
2024-08-12 | CVE-2024-41570 | Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | 9.8 |
2024-08-06 | CVE-2024-38206 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Copilot Studio An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | 6.5 |
2024-08-05 | CVE-2024-42352 | Server-Side Request Forgery (SSRF) vulnerability in Nuxt Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. | 7.5 |
2024-08-05 | CVE-2024-39713 | Server-Side Request Forgery (SSRF) vulnerability in Rocket.Chat A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. | 8.6 |
2024-08-01 | CVE-2024-38791 | Server-Side Request Forgery (SSRF) vulnerability in Meowapps AI Engine Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request Forgery.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.4.7. | 7.1 |
2024-08-01 | CVE-2024-2090 | Server-Side Request Forgery (SSRF) vulnerability in Doublesharp Remote Content Shortcode The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remote_content shortcode. | 6.4 |
2024-08-01 | CVE-2024-7330 | Server-Side Request Forgery (SSRF) vulnerability in Youdiancms 7.0 A vulnerability has been found in YouDianCMS 7 and classified as critical. | 6.3 |
2024-07-31 | CVE-2024-6980 | Server-Side Request Forgery (SSRF) vulnerability in Bitdefender Gravityzone A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise. | 9.8 |
2024-07-30 | CVE-2024-41305 | Server-Side Request Forgery (SSRF) vulnerability in Wondercms 3.4.3 A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter. | 4.7 |