Vulnerabilities > Server-Side Request Forgery (SSRF)

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-06-24 | CVE-2020-13484 | Server-Side Request Forgery (SSRF) vulnerability in Bitrix24 20.0.0/20.0.975 | Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL. | network | low | bitrix24 | CWE-918 | critical 9.8 |
| 2020-06-19 | CVE-2019-20872 | Server-Side Request Forgery (SSRF) vulnerability in Mattermost Server | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. | local | low | mattermost | CWE-918 | 5.5 |
| 2020-06-16 | CVE-2020-8544 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite | OX App Suite through 7.10.3 allows SSRF. | network | low | open-xchange | CWE-918 | 6.5 |
| 2020-06-15 | CVE-2020-13650 | Server-Side Request Forgery (SSRF) vulnerability in Digdash 2018R2/2019R1/2019R2 | An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. | network | low | digdash | CWE-918 | 7.5 |
| 2020-06-15 | CVE-2020-9427 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange OX Guard 2.10.3 | OX Guard 2.10.3 and earlier allows SSRF. | network | low | open-xchange | CWE-918 | 5.0 |
| 2020-06-12 | CVE-2020-11980 | Server-Side Request Forgery (SSRF) vulnerability in Apache Karaf | In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. | network | low | apache | CWE-918 | 6.3 |
| 2020-06-12 | CVE-2020-9645 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager | Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. | network | low | adobe | CWE-918 | 7.5 |
| 2020-06-12 | CVE-2020-9643 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager | Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. | network | low | adobe | CWE-918 | 7.5 |
| 2020-06-11 | CVE-2020-12725 | Server-Side Request Forgery (SSRF) vulnerability in Redash | Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. | network | low | redash | CWE-918 | 7.2 |
| 2020-06-11 | CVE-2020-4101 | Server-Side Request Forgery (SSRF) vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 | "HCL Digital Experience is susceptible to Server Side Request Forgery." | network | low | hcltech | CWE-918 | critical 9.8 |