Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2020-8902 | Server-Side Request Forgery (SSRF) vulnerability in Google Rendertron Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. | 4.3 |
| 2021-02-22 | CVE-2020-36232 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Atlassian-Gadgets The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled. | 5.0 |
| 2021-02-19 | CVE-2021-27214 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Adselfservice Plus 6.0 A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administrative interface via an HTTP request, a different vulnerability than CVE-2019-3905. | 6.1 |
| 2021-02-19 | CVE-2021-3204 | Server-Side Request Forgery (SSRF) vulnerability in Webware Webdesktop 5.1.15 SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read all files from the server. | 6.5 |
| 2021-02-19 | CVE-2020-10252 | Server-Side Request Forgery (SSRF) vulnerability in Owncloud An issue was discovered in ownCloud before 10.4. | 8.3 |
| 2021-02-18 | CVE-2021-27329 | Server-Side Request Forgery (SSRF) vulnerability in Frendi Frendica 2021.01 Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names. | 10.0 |
| 2021-02-18 | CVE-2020-28463 | Server-Side Request Forgery (SSRF) vulnerability in multiple products All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. | 6.5 |
| 2021-02-16 | CVE-2021-27103 | Server-Side Request Forgery (SSRF) vulnerability in Accellion FTA Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. | 9.8 |
| 2021-02-16 | CVE-2020-35561 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. | 5.3 |
| 2021-02-16 | CVE-2020-35558 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. | 7.5 |