8 lines
457 B
Plaintext
8 lines
457 B
Plaintext
Server-Side Request Forgery (SSRF) occurs when attackers can coerce a server to
|
|
perform arbitrary requests on their behalf. +
|
|
|
|
An SSRF vulnerability can either be basic or blind, depending on whether the
|
|
server's fetched data is directly returned in the web application's response. +
|
|
The absence of the corresponding response for the coerced request on the
|
|
application is not a barrier to exploitation and thus must be treated in the
|
|
same way as basic SSRF. |