Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-29260 | Server-Side Request Forgery (SSRF) vulnerability in IBM Sterling Connect:Express for Unix 1.5.0 IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2023-07-17 | CVE-2023-3577 | Server-Side Request Forgery (SSRF) vulnerability in Mattermost Server Mattermost fails to properly restrict requests to localhost/intranet during the interactive dialog, which could allow an attacker to perform a limited blind SSRF. | 4.3 |
| 2023-07-10 | CVE-2021-42079 | Server-Side Request Forgery (SSRF) vulnerability in Osnexus Quantastor 4.3.0 An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. | 4.9 |
| 2023-06-30 | CVE-2023-35175 | Server-Side Request Forgery (SSRF) vulnerability in HP products Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model. | 9.8 |
| 2023-06-25 | CVE-2023-36661 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. | 7.5 |
| 2023-06-22 | CVE-2023-35133 | Server-Side Request Forgery (SSRF) vulnerability in Moodle An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. | 7.5 |
| 2023-06-20 | CVE-2023-26431 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite Backend IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. | 4.3 |
| 2023-06-20 | CVE-2023-26435 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite Backend It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. | 5.0 |
| 2023-06-16 | CVE-2023-24243 | Server-Side Request Forgery (SSRF) vulnerability in Cdata ARC 22.0.8336 CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF). | 7.5 |
| 2023-06-13 | CVE-2023-25609 | Server-Side Request Forgery (SSRF) vulnerability in Fortinet Fortianalyzer and Fortimanager A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests. | 6.5 |