Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-13788 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. | 4.3 |
| 2020-07-14 | CVE-2020-6282 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Java SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. | 5.8 |
| 2020-07-09 | CVE-2020-14170 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Bitbucket Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability. | 4.3 |
| 2020-07-01 | CVE-2020-14056 | Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. | 9.8 |
| 2020-07-01 | CVE-2019-20408 | Server-Side Request Forgery (SSRF) vulnerability in Atlassian Jira The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class. | 5.3 |
| 2020-06-24 | CVE-2020-13484 | Server-Side Request Forgery (SSRF) vulnerability in Bitrix24 20.0.0/20.0.975 Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL. | 9.8 |
| 2020-06-19 | CVE-2019-20872 | Server-Side Request Forgery (SSRF) vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. | 5.5 |
| 2020-06-16 | CVE-2020-8544 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.3 allows SSRF. | 6.5 |
| 2020-06-15 | CVE-2020-13650 | Server-Side Request Forgery (SSRF) vulnerability in Digdash 2018R2/2019R1/2019R2 An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. | 7.5 |
| 2020-06-15 | CVE-2020-9427 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange OX Guard 2.10.3 OX Guard 2.10.3 and earlier allows SSRF. | 5.0 |