Vulnerabilities > Server-Side Request Forgery (SSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-07-19 | CVE-2022-22416 | Server-Side Request Forgery (SSRF) vulnerability in IBM products | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SaaS 22.2 is vulnerable to server-side request forgery (SSRF). | network | low complexity | ibm | CWE-918 | 5.4 |
| 2022-07-14 | CVE-2022-25800 | Server-Side Request Forgery (SSRF) vulnerability in Bestpractical Request Tracker for Incident Response | Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool. | network | low complexity | bestpractical | CWE-918 | critical 9.1 |
| 2022-07-14 | CVE-2022-25801 | Server-Side Request Forgery (SSRF) vulnerability in Bestpractical Request Tracker for Incident Response | Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools. | network | low complexity | bestpractical | CWE-918 | critical 9.1 |
| 2022-07-13 | CVE-2022-22982 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 | The vCenter Server contains a server-side request forgery (SSRF) vulnerability. | network | low complexity | vmware | CWE-918 | 7.5 |
| 2022-07-01 | CVE-2022-25876 | Server-Side Request Forgery (SSRF) vulnerability in Link-Preview-Js Project Link-Preview-Js | The package link-preview-js before 2.1.16 is vulnerable to Server-side Request Forgery (SSRF) which allows attackers to send arbitrary requests to the local network and read the response. | local | low complexity | link-preview-js-project | CWE-918 | 5.5 |
| 2022-06-30 | CVE-2022-26135 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian products | A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. | network | low complexity | atlassian | CWE-918 | 6.5 |
| 2022-06-28 | CVE-2017-20106 | Server-Side Request Forgery (SSRF) vulnerability in Khoros Lithium Forum 2017 | A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. | local | low complexity | khoros | CWE-918 | 4.4 |
| 2022-06-27 | CVE-2022-32995 | Server-Side Request Forgery (SSRF) vulnerability in Halo 1.5.3 | Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function. | network | low complexity | halo | CWE-918 | critical 9.8 |
| 2022-06-27 | CVE-2022-1977 | Server-Side Request Forgery (SSRF) vulnerability in Smackcoders Import ALL Pages, Post Types, Products, Orders, and Users AS XML & CSV | The Import Export All WordPress Images, Users & Post Types WordPress plugin before 6.5.3 does not fully validate the file to be imported via a URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks. | network | low complexity | smackcoders | CWE-918 | 7.2 |
| 2022-06-24 | CVE-2021-20421 | Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Team Server | IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). | network | low complexity | ibm | CWE-918 | 4.3 |