CWE-918
AllowedServer-Side Request Forgery (SSRF)
Abstraction: Base · Status: Incomplete
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
4587 vulnerabilities reference this CWE, most recent first.
GHSA-XF86-43XX-Q9WM
Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 02:00IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014.
{
"affected": [],
"aliases": [
"CVE-2019-4262"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-26T15:15:00Z",
"severity": "MODERATE"
},
"details": "IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014.",
"id": "GHSA-xf86-43xx-q9wm",
"modified": "2024-04-04T02:00:55Z",
"published": "2022-05-24T16:56:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4262"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160014"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/1074538"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XF8H-2JHW-RGXQ
Vulnerability from github – Published: 2026-01-08 12:30 – Updated: 2026-01-20 15:33Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows Server Side Request Forgery.This issue affects nK Themes Helper: from n/a through <= 1.7.9.
{
"affected": [],
"aliases": [
"CVE-2025-22726"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-08T10:15:48Z",
"severity": "CRITICAL"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows Server Side Request Forgery.This issue affects nK Themes Helper: from n/a through \u003c= 1.7.9.",
"id": "GHSA-xf8h-2jhw-rgxq",
"modified": "2026-01-20T15:33:08Z",
"published": "2026-01-08T12:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22726"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/nk-themes-helper/vulnerability/wordpress-nk-themes-helper-plugin-1-7-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/nk-themes-helper/vulnerability/wordpress-nk-themes-helper-plugin-1-7-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XFHG-3GVJ-W3C9
Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2022-05-13 01:38Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.
{
"affected": [],
"aliases": [
"CVE-2017-12071"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-08T14:29:00Z",
"severity": "MODERATE"
},
"details": "Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.",
"id": "GHSA-xfhg-3gvj-w3c9",
"modified": "2022-05-13T01:38:15Z",
"published": "2022-05-13T01:38:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12071"
},
{
"type": "WEB",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_35_PhotoStation"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XFMF-HV5J-W87J
Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-14 18:30Server-Side Request Forgery (SSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through <= 6.19.8.
{
"affected": [],
"aliases": [
"CVE-2026-39464"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T09:16:21Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in SeedProd Coming Soon Page, Under Construction \u0026 Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Coming Soon Page, Under Construction \u0026 Maintenance Mode by SeedProd: from n/a through \u003c= 6.19.8.",
"id": "GHSA-xfmf-hv5j-w87j",
"modified": "2026-04-14T18:30:28Z",
"published": "2026-04-08T09:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39464"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/coming-soon/vulnerability/wordpress-coming-soon-page-under-construction-maintenance-mode-by-seedprod-plugin-6-19-8-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XFQ4-7GV9-V3W5
Vulnerability from github – Published: 2025-10-21 00:30 – Updated: 2025-10-21 00:30The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wp_ajax_import_elementor_template action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
{
"affected": [],
"aliases": [
"CVE-2025-11536"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-20T22:15:36Z",
"severity": "MODERATE"
},
"details": "The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wp_ajax_import_elementor_template action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
"id": "GHSA-xfq4-7gv9-v3w5",
"modified": "2025-10-21T00:30:25Z",
"published": "2025-10-21T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11536"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/bdthemes-element-pack-lite/tags/8.2.4/includes/setup-wizard/init.php#L420"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/97c100c3-8a96-4198-b38a-206268ff20ec?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XFQR-CG7J-569J
Vulnerability from github – Published: 2026-03-25 21:30 – Updated: 2026-03-25 21:30IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
{
"affected": [],
"aliases": [
"CVE-2026-1015"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T21:16:28Z",
"severity": "MODERATE"
},
"details": "IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.",
"id": "GHSA-xfqr-cg7j-569j",
"modified": "2026-03-25T21:30:36Z",
"published": "2026-03-25T21:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1015"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7266740"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XG73-5HQJ-7HWG
Vulnerability from github – Published: 2025-08-09 21:30 – Updated: 2025-08-09 21:30A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-8772"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-09T20:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en\u0026nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-xg73-5hqj-7hwg",
"modified": "2025-08-09T21:30:23Z",
"published": "2025-08-09T21:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8772"
},
{
"type": "WEB",
"url": "https://hkohi.ca/vulnerability/19"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.319295"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.319295"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.624976"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-XG77-2M7H-4885
Vulnerability from github – Published: 2025-05-27 18:30 – Updated: 2025-05-29 21:31maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link Management.
{
"affected": [],
"aliases": [
"CVE-2025-45475"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-27T18:15:31Z",
"severity": "MODERATE"
},
"details": "maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link Management.",
"id": "GHSA-xg77-2m7h-4885",
"modified": "2025-05-29T21:31:37Z",
"published": "2025-05-27T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45475"
},
{
"type": "WEB",
"url": "https://www.yuque.com/morysummer/vx41bz/dzidfm8vn2h5k1lb"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-XG8C-MW7J-WCV9
Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [],
"aliases": [
"CVE-2021-23029"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-14T23:15:00Z",
"severity": "HIGH"
},
"details": "On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-xg8c-mw7j-wcv9",
"modified": "2022-05-24T19:14:48Z",
"published": "2022-05-24T19:14:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23029"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K52420610"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-XG93-7QJ8-C5VG
Vulnerability from github – Published: 2023-06-08 21:30 – Updated: 2024-04-04 04:40An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information on the services running on the server via crafted requests in the social and links tools.
{
"affected": [],
"aliases": [
"CVE-2023-34959"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-08T19:15:10Z",
"severity": "MODERATE"
},
"details": "An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information on the services running on the server via crafted requests in the social and links tools.",
"id": "GHSA-xg93-7qj8-c5vg",
"modified": "2024-04-04T04:40:47Z",
"published": "2023-06-08T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34959"
},
{
"type": "WEB",
"url": "https://github.com/chamilo/chamilo-lms/commit/cc278f01864948b1fb160e03f0a3dc0875d5f81f"
},
{
"type": "WEB",
"url": "https://github.com/chamilo/chamilo-lms/commit/ea5791ff8ce6ea45148a171b0da5348a7c415e6f"
},
{
"type": "WEB",
"url": "https://github.com/chamilo/chamilo-lms/commit/ed946908fef23e8aa4cefc28f745f3cd6710099f"
},
{
"type": "WEB",
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-111-2023-04-20-Moderate-impact-Low-risk-Multiple-blind-SSRF-in-links-and-social-tools"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.