Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-09-29 | CVE-2023-44469 | Server-Side Request Forgery (SSRF) vulnerability in Lemonldap-Ng Lemonldap::Ng | A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. | 4.3 |
2023-09-27 | CVE-2023-41449 | Server-Side Request Forgery (SSRF) vulnerability in PHPkobo Ajaxnewsticker 1.0.5 | An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. | 9.8 |
2023-09-15 | CVE-2023-42398 | Server-Side Request Forgery (SSRF) vulnerability in Zzcms 2023 | An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive information via the ueditor component in controller.php. | 9.8 |
2023-09-06 | CVE-2023-36388 | Server-Side Request Forgery (SSRF) vulnerability in Apache Superset | Improper REST API permission in Apache Superset up to and including 2.1.0 allows authenticated Gamma users to test network connections, possible SSRF. | 5.4 |
2023-09-06 | CVE-2023-41937 | Server-Side Request Forgery (SSRF) vulnerability in Jenkins Bitbucket Push and Pull Request | Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload. | 7.5 |
2023-09-01 | CVE-2023-36088 | Server-Side Request Forgery (SSRF) vulnerability in Vesoft Nebulagraph Studio 3.7.0 | Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0 allows remote attackers to gain sensitive information. | 7.5 |
2023-09-01 | CVE-2023-40969 | Server-Side Request Forgery (SSRF) vulnerability in Slims Senayan Library Management System 9.6.1 | Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php. | 6.1 |
2023-08-30 | CVE-2023-4624 | Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack | Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08. | 2.4 |
2023-08-22 | CVE-2023-37440 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator | A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. | 5.3 |
2023-08-16 | CVE-2023-35011 | Server-Side Request Forgery (SSRF) vulnerability in IBM Cognos Analytics | IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery (SSRF). | 5.4 |