Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that should have otherwise been made ...

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...

KomodoSec's study reveals critical SSRF vulnerabilities in HTML to PDF exports, offering vital mitigation strategies. NEW CASTLE, DELAWARE, USA, April 10, 2024 ...

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...

Two flaws in Microsoft’s cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks. Researchers have disclosed two flaws in Microsoft’s ...

Multiple privilege escalation issues in Microsoft Azure's cloud-based Health Bot service opened the platform to server-side request forgery (SSRF) and could have allowed access to cross-tenant ...

研究人员发现Docker WindowsPC机版有项服务器端请求伪造（Server-Side Request Forgery，SSRF）漏洞，能让攻击者从Docker容器非授权访问网站、创建高权限容器，甚至取得整台Windows主机的访问权。 这项漏洞编号CVE-2025-9074，出现在Docker Desktop应用程序，现为4.44.3版修补完成。

Microsoft said it won't fix or is delaying patches for several security flaws impacting Microsoft Teams' link preview feature reported since March 2021. German IT security consultancy firm Positive ...

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...

Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds. A server-side ...