Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2020-8540 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Desktop Central An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 9.8 |
| 2020-03-10 | CVE-2019-13121 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. | 7.5 |
| 2020-03-10 | CVE-2019-12443 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. | 9.8 |
| 2020-03-07 | CVE-2020-10212 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.4/9.14.0 upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. | 9.8 |
| 2020-02-21 | CVE-2019-18846 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 allows SSRF. | 5.0 |
| 2020-02-18 | CVE-2020-7796 | Server-Side Request Forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. | 9.8 |
| 2020-02-17 | CVE-2019-20474 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Remote Access Plus 10.0.447 An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. | 4.3 |
| 2020-02-14 | CVE-2020-8128 | Server-Side Request Forgery (SSRF) vulnerability in Jsreport An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code. | 9.8 |
| 2020-02-12 | CVE-2019-4741 | Server-Side Request Forgery (SSRF) vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). | 5.3 |
| 2020-02-04 | CVE-2020-8118 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application. | 5.0 |