Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-22 | CVE-2020-14023 | Server-Side Request Forgery (SSRF) vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. | 4.9 |
| 2020-09-21 | CVE-2020-16171 | Server-Side Request Forgery (SSRF) vulnerability in Acronis Cyber Backup 12.5 An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. | 6.5 |
| 2020-09-18 | CVE-2020-15772 | Server-Side Request Forgery (SSRF) vulnerability in Gradle Enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. | 4.9 |
| 2020-09-14 | CVE-2020-13309 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 8.8 |
| 2020-09-04 | CVE-2020-4632 | Server-Side Request Forgery (SSRF) vulnerability in IBM Infosphere Metadata Asset Manager 11.7 IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. | 6.5 |
| 2020-08-31 | CVE-2020-12644 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. | 5.0 |
| 2020-08-29 | CVE-2020-24898 | Server-Side Request Forgery (SSRF) vulnerability in Stiltsoft Table Filter and Charts for Confluence Server 5.3.25 The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter). | 6.5 |
| 2020-08-28 | CVE-2020-9298 | Server-Side Request Forgery (SSRF) vulnerability in Spinnaker Orca The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure. | 7.5 |
| 2020-08-26 | CVE-2020-24548 | Server-Side Request Forgery (SSRF) vulnerability in Ericom Access Server 9.2.0 Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports. | 5.3 |
| 2020-08-25 | CVE-2020-17386 | Server-Side Request Forgery (SSRF) vulnerability in Cellopoint Cellos 4.1.10 Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. | 6.5 |