Top SSRF reports from HackerOne:
- My Expense Report resulted in a Server-Side Request Forgery (SSRF) on Lyft to Lyft - 648 upvotes, $0
- SSRF in Exchange leads to ROOT access in all instances to Shopify - 538 upvotes, $0
- Server Side Request Forgery (SSRF) via Analytics Reports to HackerOne - 411 upvotes, $25000
- Server-Side Request Forgery using Javascript allows to exfill data from Google Metadata to Snapchat - 385 upvotes, $0
- Server Side Request Forgery (SSRF) at app.hellosign.com leads to AWS private keys disclosure to Dropbox - 360 upvotes, $4913
- SSRF & LFR via on city-mobil.ru to Mail.ru - 343 upvotes, $0
- SSRF on project import via the remote_attachment_url on a Note to GitLab - 341 upvotes, $10000
- Server Side Request Forgery mitigation bypass to GitLab - 333 upvotes, $0
- Full Response SSRF via Google Drive to Dropbox - 302 upvotes, $17576
- Blind SSRF to internal services in matrix preview_link API to Reddit - 298 upvotes, $6000
- SSRF on fleet.city-mobil.ru leads to local file read to Mail.ru - 272 upvotes, $0
- SSRF leaking internal google cloud data through upload function [SSH Keys, etc..] to Vimeo - 252 upvotes, $0
- Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion to Evernote - 246 upvotes, $0
- SSRF & LFR on city-mobil.ru to Mail.ru - 237 upvotes, $0
- Unsafe charts embedding implementation leads to cross-account stored XSS and SSRF to New Relic - 225 upvotes, $0
- Unauthenticated blind SSRF in OAuth Jira authorization controller to GitLab - 222 upvotes, $4000
- SSRF in graphQL query (pwapi.ex2b.com) to EXNESS - 221 upvotes, $3000
- Unauthenticated SSRF in jira.tochka.com leading to RCE in confluence.bank24.int to QIWI - 220 upvotes, $0
- Full Read SSRF on Gitlab's Internal Grafana to GitLab - 212 upvotes, $0
- SSRF in webhooks leads to AWS private keys disclosure to Omise - 194 upvotes, $0
- Stored XSS & SSRF in Lark Docs to Lark Technologies - 171 upvotes, $3000
- SSRF on duckduckgo.com/iu/ to DuckDuckGo - 158 upvotes, $0
- Server Side Request Forgery to Lark Technologies - 156 upvotes, $0
- External SSRF and Local File Read via video upload due to vulnerable FFmpeg HLS processing to TikTok - 144 upvotes, $2727
- SSRF chained to hit internal host leading to another SSRF which allows to read internal images. to PlayStation - 138 upvotes, $1000
- SSRF in clients.city-mobil.ru to Mail.ru - 132 upvotes, $1500
- Blind SSRF on errors.hackerone.net due to Sentry misconfiguration to HackerOne - 130 upvotes, $3500
- SSRF in filtering on relap.io to Mail.ru - 130 upvotes, $0
- SSRF on music.line.me through getXML.php to LY Corporation - 128 upvotes, $0
- SSRF In Get Video Contents to Semrush - 117 upvotes, $0
- Full read SSRF via Lark Docs `import as docs` feature to Lark Technologies - 114 upvotes, $5000
- XXE Injection through SVG image upload leads to SSRF to Zivver - 112 upvotes, $0
- SSRF in https://couriers.indrive.com/api/file-storage to inDrive - 104 upvotes, $2000
- Blind SSRF on https://my.exnessaffiliates.com/ allows for internal network enumeration to EXNESS - 103 upvotes, $0
- SSRF on image renderer to PlayStation - 98 upvotes, $1000
- [city-mobil.ru] SSRF & limited LFR on /taxiserv/photoeditor/save endpoint via base64 POST parameter to Mail.ru - 95 upvotes, $0
- SSRF via Office file thumbnails to Slack - 93 upvotes, $4000
- Blind SSRF in horizon-heat to Mail.ru - 91 upvotes, $2500
- Server Side Request Forgery (SSRF) in webhook functionality to HackerOne - 90 upvotes, $2500
- SSRF in api.slack.com, using slash commands and bypassing the protections. to Slack - 78 upvotes, $0
- SSRF and LFI in site-audit tool to Semrush - 77 upvotes, $0
- SSRF on https://qiwi.com using "Prerender HAR Capturer" to QIWI - 77 upvotes, $0
- Blind SSRF in emblem editor (2) to Rockstar Games - 73 upvotes, $1500
- LFI and SSRF via XXE in emblem editor to Rockstar Games - 71 upvotes, $1500
- SVG Server Side Request Forgery (SSRF) to Shopify - 70 upvotes, $500
- Sending Emails from DNSDumpster - Server-Side Request Forgery to Internal SMTP Access to Hacker Target - 69 upvotes, $0
- SSRF in CI after first run to GitLab - 69 upvotes, $0
- Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance to Nord Security - 65 upvotes, $0
- GitLab::UrlBlocker validation bypass leading to full Server Side Request Forgery to GitLab - 63 upvotes, $0
- SSRF and local file disclosure by video upload on https://www.redtube.com/upload to Pornhub - 61 upvotes, $500
- [SSRF] Server-Side Request Forgery at https://sea-web.gold.razer.com/dev/simulator via notify_url Parameter to Razer - 60 upvotes, $2000
- Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint to GSA Bounty - 59 upvotes, $300
- SSRF with information disclosure to Lark Technologies - 59 upvotes, $0
- SSRF and local file disclosure in https://wordpress.com/media/videos/ via FFmpeg HLS processing to Automattic - 58 upvotes, $0
- Libuv: Improper Domain Lookup that potentially leads to SSRF attacks to Internet Bug Bounty - 57 upvotes, $4860
- connect.8x8.com: Blind SSRF via /api/v2/chats/image-check allows for Internal Ports scan to 8x8 Bounty - 57 upvotes, $0
- [tanks.mail.ru] SSRF + cookie theft to Mail.ru - 55 upvotes, $750
- Blind SSRF in magnum upgrade_params to Mail.ru - 54 upvotes, $2500
- SSRF and local file disclosure by video upload on https://www.tube8.com/ to Pornhub - 53 upvotes, $500
- FogBugz import attachment full SSRF requiring vulnerability in *.fogbugz.com to GitLab - 52 upvotes, $0
- Get-based SSRF limited to HTTP protocol on https://resizer.line-apps.com/form to LY Corporation - 51 upvotes, $1350
- [Kafka Connect] [JdbcSinkConnector][HttpSinkConnector] RCE by leveraging file upload via SQLite JDBC driver and SSRF to internal Jolokia to Aiven Ltd - 50 upvotes, $5000
- SSRF - Unchecked Snippet IDs for distributed files to Open-Xchange - 49 upvotes, $1500
- SSRF in VCARD photo upload functionality to Open-Xchange - 49 upvotes, $850
- SSRF in hatchful.shopify.com to Shopify - 49 upvotes, $500
- Blind SSRF at https://chaturbate.com/notifications/update_push/ to Chaturbate - 49 upvotes, $0
- BLIND SSRF ON http://jsgames.mail.ru via avaOp parameter to Mail.ru - 49 upvotes, $0
- Blind SSRF External Interaction on ████████ to MTN Group - 49 upvotes, $0
- Blind SSRF on platform.dash.cloudflare.com Due to Sentry misconfiguration to Cloudflare Public Bug Bounty - 49 upvotes, $0
- SSRF By adding a custom integration on console.helium.com to Helium - 48 upvotes, $500
- Internal SSRF bypass using slash commands at api.slack.com to Slack - 47 upvotes, $500
- SMB SSRF in emblem editor exposes taketwo domain credentials, may lead to RCE to Rockstar Games - 46 upvotes, $1500
- SSRF to read AWS metaData at https://█████/ [HtUS] to U.S. Dept Of Defense - 46 upvotes, $1000
- SSRF vulnerability can be exploited when a hijacked aggregated api server such as metrics-server returns 30X to Kubernetes - 46 upvotes, $1000
- SSRF in https://imgur.com/vidgif/url to Imgur - 46 upvotes, $0
- Bypass of the SSRF protection in Event Subscriptions parameter. to Slack - 46 upvotes, $0
- SSRF to Mail.ru - 44 upvotes, $0
- SSRF - Blacklist bypass for mail account addition to Open-Xchange - 43 upvotes, $500
- SSRF in the application's image export functionality to Visma Public - 42 upvotes, $250
- Internal Blind Server-Side Request Forgery (SSRF) allows scanning internal ports to Mozilla - 42 upvotes, $0
- Bypassing domain deny_list rule in Smokescreen via trailing dot leads to SSRF to Stripe - 41 upvotes, $1500
- SSRF - Image Sources in HTML Snippets - 727234 bypass to Open-Xchange - 41 upvotes, $400
- SSRF in alerts.newrelic.com exposes entire internal network to New Relic - 39 upvotes, $0
- Server-Side Request Forgery (SSRF) in Ghost CMS to Node.js third-party modules - 39 upvotes, $0
- SSRF - Office Documents - Image URL to Open-Xchange - 37 upvotes, $450
- SSRF - URL Attachments - 725307 bypass to Open-Xchange - 37 upvotes, $400
- SSRF in Functional Administrative Support Tool pdf generator (████) [HtUS] to U.S. Dept Of Defense - 36 upvotes, $4000
- Blind SSRF on calendar.mail.ru during calendar import to Mail.ru - 36 upvotes, $0
- blind Server-Side Request Forgery (SSRF) allows scanning internal ports to Elastic - 36 upvotes, $0
- SSRF and local file disclosure by video upload on http://www.youporn.com/ to Pornhub - 35 upvotes, $500
- SSRF in Search.gov via ?url= parameter to GSA Bounty - 35 upvotes, $150
- Grafana SSRF in grafana.instamart.ru to Mail.ru - 35 upvotes, $0
- DNS pin middleware can be tricked into DNS rebinding allowing SSRF to Nextcloud - 35 upvotes, $0
- Injection of `http.<url>.*` git config settings leading to SSRF to GitLab - 34 upvotes, $3000
- MCS Graphite SSRF: internal network access to Mail.ru - 34 upvotes, $2500
- SSRF at jira.plazius.ru - CVE-2019-8451 to Mail.ru - 34 upvotes, $0
- FULL SSRF to Acronis - 34 upvotes, $0
- Blind SSRF in Mail App to Nextcloud - 34 upvotes, $0
- Blind SSRF on [relap.io] to Mail.ru - 33 upvotes, $1000
- SSRF - RSS feed, blacklist bypass (301 re-direct) to Open-Xchange - 33 upvotes, $850
- Blind SSRF at packagist.maximum.nl to Radancy - 33 upvotes, $0
- SSRF on http://www.███████/crossdomain.php via url parameter to Sony - 33 upvotes, $0
- SSRF - RSS feed, blacklist bypass (IP Formatting) to Open-Xchange - 32 upvotes, $850
- SSRF & Blind XSS in Gravatar email to Automattic - 32 upvotes, $0
- Blind SSRF in social-plugins.line.me to LY Corporation - 31 upvotes, $100
- SSRF in https://www.zomato.com████ allows reading local files and website source code to Zomato - 31 upvotes, $0
- SSRF via filter bypass due to lax checking on IPs to Nextcloud - 29 upvotes, $250
- SSRF allows reading AWS EC2 metadata using "readapi" variable in Streamlabs Cloudbot to Logitech - 29 upvotes, $200
- Open redirect bypass & SSRF Security Vulnerability to Smule - 29 upvotes, $0
- [data-07.uberinternal.com] SSRF in Portainer app lead to access to Internal Docker API without Auth to Uber - 28 upvotes, $500
- Blind SSRF in "Integrations" by abusing a bug in Ruby's native resolver. to HackerOne - 28 upvotes, $0
- SSRF at ideas.starbucks.com to Starbucks - 28 upvotes, $0
- SSRF vulnerability on ██████████ leaks internal IP and various sensitive information to U.S. Dept Of Defense - 28 upvotes, $0
- SSRF via potential filter bypass with too lax local domain checking to Nextcloud - 27 upvotes, $250
- SSRF in upload IMG through URL to Discourse - 27 upvotes, $64
- SSRF in notifications.server configuration to Phabricator - 26 upvotes, $300
- Full read SSRF in flyte-poc-us-east4.uberinternal.com to Uber - 25 upvotes, $2000
- Blind SSRF [Sentry Misconfiguration] to Mail.ru - 25 upvotes, $0
- SSRF in imgur video GIF conversion to Imgur - 25 upvotes, $0
- GitLab's GitHub integration is vulnerable to SSRF vulnerability to GitLab - 24 upvotes, $2000
- Bypass for blind SSRF #281950 and #287496 to Infogram - 24 upvotes, $0
- Non-production Open Database In Combination With XXE Leads To SSRF to Evernote - 23 upvotes, $0
- [Plazius] SSRF via a misconfigured Fiddler instance at 46.148.201.206:10121 to Mail.ru - 23 upvotes, $0
- SSRF to AWS file read to Topcoder - 23 upvotes, $0
- SSRF to Cloudflare Vulnerability Disclosure - 22 upvotes, $0
- SSRF vulnerability on proxy.duckduckgo.com (access to metadata server on AWS) to DuckDuckGo - 22 upvotes, $0
- [Uppy] Internal Server side request forgery (bypass of #786956) to Node.js third-party modules - 22 upvotes, $0
- Unauthenticated Blind SSRF at https://█████ via xmlrpc.php file to U.S. Dept Of Defense - 22 upvotes, $0
- ssrf xspa [https://prt.mail.ru/] 2 to Mail.ru - 21 upvotes, $150
- SSRF on █████████ Allowing internal server data access to U.S. Dept Of Defense - 21 upvotes, $0
- SSRF & unrestricted file upload on https://my.stripo.email/ to Stripo Inc - 21 upvotes, $0
- Server Side Request Forgery in Uppy npm module to Node.js third-party modules - 21 upvotes, $0
- SSRF for kube-apiserver cloudprovider scene to Kubernetes - 21 upvotes, $0
- SSRF in /appsuite/api/autoconfig to Open-Xchange - 20 upvotes, $850
- Wordpress 4.7 - CSRF -> HTTP SSRF any private ip:port and basic-auth to WordPress - 20 upvotes, $0
- SSRF on jira.mariadb.org to MariaDB - 20 upvotes, $0
- Blind HTTP GET SSRF via website icon fetch (bypass of pull#812) to Bitwarden - 20 upvotes, $0
- SSRF external interaction to Stripo Inc - 20 upvotes, $0
- Half-Blind SSRF found in kube/cloud-controller-manager can be upgraded to complete SSRF (fully crafted HTTP requests) in vendor managed k8s service. to Kubernetes - 19 upvotes, $5000
- Server side request forgery on image upload for lists to Instacart - 19 upvotes, $50
- Infrastructure - Photon - SSRF to WordPress - 19 upvotes, $0
- SSRF at iris.lystit.com to Lyst - 19 upvotes, $0
- CRLF injection & SSRF in git:// protocol lead to arbitrary code execution to GitLab - 19 upvotes, $0
- Blind SSRF in ads.tiktok.com to TikTok - 19 upvotes, $0
- Bypassing Whitelist to perform SSRF for internal host scanning to U.S. Department of State - 19 upvotes, $0
- Server side request forgery (SSRF) on nextcloud implementation. to Nextcloud - 18 upvotes, $0
- Additional bypass allows SSRF for internal netblocks to HackerOne - 18 upvotes, $0
- Bypassing HTML filter in "Packing Slip Template" Lead to SSRF to Internal Kubernetes Endpoints to Shopify - 18 upvotes, $0
- Blind SSRF on sentry.dev-my.com due to Sentry misconfiguration to Mail.ru - 17 upvotes, $500
- SSRF protection bypass to Nextcloud - 17 upvotes, $100
- SSRF vulnerability in gitlab.com via project import. to GitLab - 17 upvotes, $0
- SSRF thru File Replace to Concrete CMS - 17 upvotes, $0
- SSRF On [ allods.mail.ru ] to Mail.ru - 17 upvotes, $0
- SSRF in img.lemlist.com that leads to Localhost Port Scanning to lemlist - 17 upvotes, $0
- [la.mail.ru] - SSRF + cookie theft to Mail.ru - 16 upvotes, $750
- SSRF + RCE via FastCGI in POST /api/nr/video to Mail.ru - 16 upvotes, $0
- Potential SSRF in sales.mail.ru to Mail.ru - 15 upvotes, $300
- Unauthenticated SSRF in 3rd party module "cerdic/csstidy" to Nextcloud - 15 upvotes, $250
- SSRF in https://cards-dev.twitter.com/validator to X (Formerly Twitter) - 15 upvotes, $0
- SSRF on https://target.my.com/ to Mail.ru - 14 upvotes, $800
- SSRF allows access to internal services like Ganglia to Dropbox - 14 upvotes, $729
- SSRF via webhook to Mixmax - 14 upvotes, $0
- SSRF issue in "URL target" allows [REDACTED] to Zendesk - 14 upvotes, $0
- SSRF in proxy.duckduckgo.com via the image_host parameter to DuckDuckGo - 14 upvotes, $0
- Blind SSRF in Ticketing Integrations Jira webhooks leading to internal network enumeration and blind HTTP requests to New Relic - 14 upvotes, $0
- Blind SSRF on synthetics.newrelic.com to New Relic - 13 upvotes, $0
- Internal Ports Scanning via Blind SSRF to New Relic - 13 upvotes, $0
- SSRF restricted to HTTP/HTML on LINE Social Plugins (https://social-plugins.line.me/) to LY Corporation - 13 upvotes, $0
- Blind SSRF as normal user from mailapp to Nextcloud - 13 upvotes, $0
- SSRF protection bypass in /appsuite/api/oxodocumentfilter addfile action to Open-Xchange - 12 upvotes, $550
- Bypass of the SSRF protection (Slack commands, Phabricator integration) to Slack - 12 upvotes, $100
- SSRF on testing endpoint to APITest.IO - 12 upvotes, $0
- Server-Side Request Forgery in "icons.bitwarden.net" to Bitwarden - 12 upvotes, $0
- Golang : Improvements to Golang SSRF query to GitHub Security Lab - 12 upvotes, $0
- SSRF In plantuml (on plantuml.pre.gitlab.com) to GitLab - 12 upvotes, $0
- Blind SSRF on velodrome.canary.k8s.io to Kubernetes - 12 upvotes, $0
- SSRF bypass to Concrete CMS - 12 upvotes, $0
- SSRF and local file read in video to gif converter to Imgur - 11 upvotes, $0
- Internal Ports Scanning via Blind SSRF to Infogram - 11 upvotes, $0
- [et.mail.ru] ssrf 2 to Mail.ru - 11 upvotes, $0
- SSRF when importing a project from a git repo by URL to GitLab - 11 upvotes, $0
- H1514 Shopify API ruby SDK session setup lacks input validation, resulting in SSRF and leakage of client secret to Shopify - 11 upvotes, $0
- SSRF in Export template to ActiveCampaign to Stripo Inc - 11 upvotes, $0
- SSRF into Shared Runner, by replacing dockerd with malicious server in Executor to GitLab - 11 upvotes, $0
- Responsive Server-side Request Forgery (SSRF) to Nextcloud - 11 upvotes, $0
- Blind SSRF in /appsuite/api/oxodocumentfilter&action=addfile to Open-Xchange - 10 upvotes, $550
- SSRF on api.icq.net to Mail.ru - 10 upvotes, $500
- Server side request forgery to Mail.ru - 10 upvotes, $0
- [h1-415 2020] SSRF in a headless chrome with remote debugging leads to sensible information leak to h1-ctf - 10 upvotes, $0
- SSRF vulnerability in app webhooks to Dropbox - 9 upvotes, $512
- Server-Side request forgery in New-Subscription feature of the calendar app to Nextcloud - 9 upvotes, $100
- SSRF occurrence in website preview used by LINE Official Account Manager (https://manager.line.biz) to LY Corporation - 9 upvotes, $100
- SSRF (open) - via GET request to VK.com - 9 upvotes, $0
- Internal Ports Scanning via Blind SSRF (URL Redirection to beat filter) to Infogram - 9 upvotes, $0
- Server Side Request Forgery on JSON Feed to Infogram - 9 upvotes, $0
- SSRF vulnerability in gitlab.com webhook to GitLab - 9 upvotes, $0
- Blind SSRF on image proxy camo.stream.highwebmedia.com to Chaturbate - 9 upvotes, $0
- SSRF in ███████ to U.S. Dept Of Defense - 9 upvotes, $0
- Bypassing domain deny_list rule in Smokescreen via double brackets [[]] which leads to SSRF to Stripe - 9 upvotes, $0
- Mail app - blind SSRF via imapHost parameter to Nextcloud - 9 upvotes, $0
- Server Side Request Forgery In Video to GIF Functionality to Imgur - 8 upvotes, $0
- Potential SSRF and disclosure of sensitive site on *shopifycloud.com to Shopify - 8 upvotes, $0
- SSRF on infawiki.informatica.com and infawikitest.informatica.com to Informatica - 8 upvotes, $0
- Server-Side Request Forgery (SSRF) to U.S. Dept Of Defense - 8 upvotes, $0
- SSRF in /cabinet/stripeapi/v1/siteInfoLookup?url=XXX to Stripo Inc - 8 upvotes, $0
- Blind SSRF on http://info.ucs.ru/settings/check/ to Mail.ru - 8 upvotes, $0
- Server Side Request Forgery in 'Jabber settings' in Admin Control Panel to phpBB - 8 upvotes, $0
- [usuppliers.uber.com] - Server Side Request Forgery via XXE OOB to Uber - 8 upvotes, $0
- Full read SSRF at █████████ [HtUS] to U.S. Dept Of Defense - 8 upvotes, $0
- SSRF & XSS (W3 Total Cache) to Pornhub - 7 upvotes, $1000
- SSRF / Local file enumeration / DoS due to improper handling of certain file formats by ffmpeg to Imgur - 7 upvotes, $0
- SSRF on synthetics.newrelic.com permitting access to sensitive data to New Relic - 7 upvotes, $0
- GET /api/v2/url_info endpoint is vulnerable to Blind SSRF to Automattic - 7 upvotes, $0
- SSRF in www.ucs.ru to Mail.ru - 7 upvotes, $0
- Server Side Request Forgery to Lark Technologies - 7 upvotes, $0
- SSRF due to CVE-2021-26855 on ████████ to U.S. Dept Of Defense - 7 upvotes, $0
- Blind SSRF via image upload URL downloader on https://██████/ to U.S. Dept Of Defense - 7 upvotes, $0
- Mail app - Blind SSRF via Sieve server functionality and sieveHost parameter to Nextcloud - 7 upvotes, $0
- Mail app - blind SSRF via smtpHost parameter to Nextcloud - 7 upvotes, $0
- Blind SSRF in FogBugz project import to GitLab - 7 upvotes, $0
- SSRF in the Connector Designer (REST and Elastic Search) to Bime - 6 upvotes, $0
- Blind SSRF due to img tag injection in career form to Mixmax - 6 upvotes, $0
- Potential SSRF via Git repository URL to GitLab - 6 upvotes, $0
- SSRF on ████████ to U.S. Dept Of Defense - 6 upvotes, $0
- Blind SSRF at https://chat.makerdao.com/account/profile to BlockDev Sp. Z o.o - 6 upvotes, $0
- Bypass of SSRF Vulnerability to Node.js third-party modules - 6 upvotes, $0
- [Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks to GitHub Security Lab - 6 upvotes, $0
- [Python]: Add Server-side Request Forgery sinks to GitHub Security Lab - 6 upvotes, $0
- Local file disclosure through SSRF at next.nutanix.com to Nutanix - 6 upvotes, $0
- SSRF mitigation bypass using DNS Rebind attack to Concrete CMS - 6 upvotes, $0
- SSRF via 'Add Image from URL' feature to Shopify - 5 upvotes, $0
- Dropbox apps Server side request forgery to Dropbox - 5 upvotes, $0
- Server Side Request Forgery (SSRF) vulnerability in a DoD website to U.S. Dept Of Defense - 5 upvotes, $0
- Possible SSRF at URL Parameter while creating a new package repository to GoCD - 5 upvotes, $0
- SSRF on local storage of iOS mobile to Nextcloud - 5 upvotes, $0
- Blind SSRF while Creating Templates to Stripo Inc - 5 upvotes, $0
- C# : Add query to detect Server Side Request Forgery to GitHub Security Lab - 5 upvotes, $0
- [Java]: Add JDBC connection SSRF sinks to GitHub Security Lab - 5 upvotes, $0
- SSRF ACCESS AWS METADATA - █████ to U.S. Dept Of Defense - 5 upvotes, $0
- Yet another SSRF query for Go to GitHub Security Lab - 4 upvotes, $450
- Yet another SSRF query for Go to GitHub Security Lab - 4 upvotes, $450
- SSRF - Guard - Unchecked HKP servers to Open-Xchange - 4 upvotes, $400
- SSRF - Guard - Unchecked WKS servers to Open-Xchange - 4 upvotes, $400
- SSRF vulnerability (access to metadata server on EC2 and OpenStack) to Phabricator - 4 upvotes, $300
- connect.mail.ru: SSRF to Mail.ru - 4 upvotes, $300
- Yet another SSRF query for Javascript to GitHub Security Lab - 4 upvotes, $250
- XXE and SSRF on webmaster.mail.ru to Mail.ru - 4 upvotes, $0
- SSRF on https://whitehataudit.slack.com/account/photo to Slack - 4 upvotes, $0
- Bypass of anti-SSRF defenses in YahooCacheSystem (affecting at least YQL and Pipes) to Yahoo! - 4 upvotes, $0
- SSRF via 'Insert Image' feature of Products/Collections/Frontpage to Shopify - 4 upvotes, $0
- SSRF issue to Bime - 4 upvotes, $0
- WebLogic Server Side Request Forgery to U.S. Dept Of Defense - 4 upvotes, $0
- [Limited bypass of #793704] Blind SSRF in Ghost CMS to Node.js third-party modules - 4 upvotes, $0
- SSRF in my.stripo.email to Stripo Inc - 4 upvotes, $0
- SSRF via Export Service in ActiveCampaign to Stripo Inc - 4 upvotes, $0
- Java: Add SSRF query for Java to GitHub Security Lab - 4 upvotes, $0
- SSRF via maliciously crafted URL due to host confusion to curl - 4 upvotes, $0
- CVE-2021-26855 on ████████ resulting in SSRF to U.S. Dept Of Defense - 4 upvotes, $0
- Blind SSRF on infodesk.engelvoelkers.com via proxy.php to Engel & Völkers Technology GmbH - 4 upvotes, $0
- Yet another SSRF query for Go to GitHub Security Lab - 4 upvotes, $0
- SSRF due to CVE-2021-27905 in www.████████ to U.S. Dept Of Defense - 4 upvotes, $0
- SSRF - pivoting in the private LAN to Concrete CMS - 4 upvotes, $0
- SSRF via Share bots to VK.com - 3 upvotes, $300
- Yet another SSRF query for Javascript to GitHub Security Lab - 3 upvotes, $250
- SSRF (Portscan) via Register Function (Custom Server) to RelateIQ - 3 upvotes, $0
- Server Side Request Forgery in macro creation to Phabricator - 3 upvotes, $0
- Internal GET SSRF via CSRF with Press This scan feature to Automattic - 3 upvotes, $0
- SSRF at apps.nextcloud.com/developer/apps/releases/new to Nextcloud - 3 upvotes, $0
- https://████████ Impacted by DNN ImageHandler SSRF to U.S. Dept Of Defense - 3 upvotes, $0
- Yet another SSRF query for Javascript to GitHub Security Lab - 3 upvotes, $0
- Yet another SSRF query for Go to GitHub Security Lab - 3 upvotes, $0
- Yet another SSRF query for Javascript to GitHub Security Lab - 3 upvotes, $0
- [CVE-2022-35949]: undici.request vulnerable to SSRF using absolute / protocol-relative URL on pathname to Internet Bug Bounty - 3 upvotes, $0
- Server-side request forgery (ssrf) to Yelp - 3 upvotes, $0
- ssrf xspa [https://prt.mail.ru/] to Mail.ru - 2 upvotes, $150
- Server Side Request Forgery to Yahoo! - 2 upvotes, $0
- SSRF via git Repo by URL Abuse to GitLab - 2 upvotes, $0
- SSRF in rompager-check to Hanno's projects - 2 upvotes, $0
- SSRF Possible through /wordpress/xmlrpc.php to Ian Dunn - 2 upvotes, $0
- SSRF in login page using fetch API exposes victim's IP address to attacker-controlled server to U.S. Dept Of Defense - 2 upvotes, $0
- CodeQL query to detect SSRF in Python to GitHub Security Lab - 1 upvotes, $500
- Java: CWE-918 - Server Side Request Forgery (SSRF) to GitHub Security Lab - 1 upvotes, $250
- [allods.my.com] SSRF / XSPA to Mail.ru - 1 upvotes, $150
- SSRF on element.mail.ru to Mail.ru - 1 upvotes, $0
- Possible SSRF in email server settings(SMTP mode) to Nextcloud - 1 upvotes, $0
- SSRF leads to internal port scan to Stripo Inc - 1 upvotes, $0