SSRF — Server Side Request Forgery

Akash Chhabra
1 min read · Aug 16, 2022

Server-Side Request Forgery (SSRF) has its own entry in the OWASP Top 10 (A10:2021) and is still commonly found in systems today. It shows up where an application intentionally lets users pass in a URL, for example an "upload from URL" feature, and then fetches that URL itself. If the URL isn't restricted, that feature makes the application vulnerable.

How does it work?

Take an upload-by-URL feature: the browser can't fetch an arbitrary third-party URL on the user's behalf, because the same-origin policy and CORS block cross-origin reads. So the site sends the request from its own server, not from the client side.

These features are risky for the server if the URL isn't properly validated, because the server ends up making a request to a destination that is completely under the user's control. The user can change it from a legitimate third-party site to attack.com, or to localhost 😈.

An attacker can simply point it at localhost:5432 to reach your PostgreSQL database, or localhost:6379 to reach your Redis server (6379 is Redis's default port). Any service listening on the host itself or on the internal network can be reached the same way, because the request now comes from the trusted server rather than from the outside.
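The two paragraphs above describe the same flaw: the server fetches whatever URL it is handed. The following is an added example, not code from the original post, showing the validation a fetch-by-URL endpoint should run before making the request. It rejects non-HTTP schemes, userinfo, unexpected ports, and any host whose address (literal or resolved) is loopback, private, link-local or otherwise non-public, so `localhost:5432`, `127.0.0.1:6379` and a hostname that resolves to `127.0.0.1` are all refused. The `FAKE_DNS` table is a constructed stand-in for DNS so the code runs offline; in production you would pass a resolver that wraps `socket.getaddrinfo()` and returns every address it yields.

```python
"""Fetch-by-URL validation: refuse SSRF toward loopback, private and link-local targets."""
import ipaddress
from typing import Callable, List, Optional
from urllib.parse import urlparse

# Constructed stand-in for DNS so the example runs offline (assumption, not real data).
# A real resolver would wrap socket.getaddrinfo() and return every address it returns.
FAKE_DNS = {
    "images.example.com": ["93.184.216.34"],              # ordinary public host
    "localhost": ["127.0.0.1"],                           # loopback
    "attacker.example": ["127.0.0.1"],                    # attacker's own name pointing at loopback
    "metadata.example": ["169.254.169.254"],              # cloud-metadata style link-local target
    "dualstack.example": ["93.184.216.34", "10.0.0.5"],   # one public and one private record
}

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def is_public_address(addr: str) -> bool:
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr)
    # Unwrap ::ffff:a.b.c.d so the IPv4 checks apply to the embedded address.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not (
        ip.is_private or ip.is_loopback or ip.is_link_local
        or ip.is_multicast or ip.is_reserved or ip.is_unspecified
    )


def validate_fetch_url(
    url: str, resolver: Callable[[str], Optional[List[str]]] = FAKE_DNS.get
) -> List[str]:
    """Return the checked IP addresses for url, or raise ValueError.

    The caller must connect to one of the returned addresses (keeping the original
    Host header) rather than re-resolving the name: a second lookup could return a
    different, internal answer (DNS rebinding).
    """
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username is not None or parsed.password is not None:
        raise ValueError("userinfo in URL is not allowed")
    host = parsed.hostname
    if not host:
        raise ValueError("missing host")
    port = parsed.port or (443 if parsed.scheme == "https" else 80)  # .port raises on junk
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")

    try:
        ipaddress.ip_address(host)
        addresses = [host]              # literal IP: check it directly
    except ValueError:
        addresses = resolver(host)      # hostname: check what it actually resolves to
    if not addresses:
        raise ValueError(f"cannot resolve host: {host!r}")
    for addr in addresses:
        if not is_public_address(addr):
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    return addresses


def is_fetch_allowed(url: str, resolver=FAKE_DNS.get) -> bool:
    """Boolean wrapper around validate_fetch_url for the examples below."""
    try:
        validate_fetch_url(url, resolver)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for candidate in [
        "https://images.example.com/cat.png",
        "http://localhost:5432/",
        "http://127.0.0.1:6379/",
        "http://[::ffff:127.0.0.1]/",
        "http://attacker.example/",
        "http://metadata.example/",
        "http://dualstack.example/",
        "file:///etc/passwd",
    ]:
        print(f"{'ALLOW' if is_fetch_allowed(candidate) else 'DENY ':5} {candidate}")
```

The important design choice is that the check is made on the addresses the name resolves to, not on the hostname string, so `localhost`, an attacker-registered name pointing at `127.0.0.1`, and a dual-stack name with one private record are all caught by the same rule. An allow-list of destination hosts is stronger still where the feature permits it; this deny-list approach is the minimum for a feature that must accept arbitrary public URLs.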

This vulnerability can lead to theft of data from those internal services, and even the simplest case, a request to a host the attacker controls, exposes the server's public (egress) IP address and confirms that it will fetch attacker-chosen URLs.

References:

PortSwigger: https://portswigger.net/web-security/ssrf
