Server-Side Request Forgery (SSRF)

SSRF makes the server initiate requests to internal or external resources, often bypassing network access controls.

#appsec#cwe

Last updated: 2025-09-02T00:00:00.000Z

Evidence

CWE CWE-918 Normative evidence
cwe.mitre.org

Mappings

CWE-918

More context

Mitigate with strict allowlists, metadata service protections, and egress controls.