CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1481

1481 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-40017	Geonode Server Side Request Forgery vulnerability — geonode	7.5	High	2023-08-24
CVE-2022-44729	Apache XML Graphics Batik: Information disclosure vulnerability — Apache XML Graphics Batik	8.2	-	2023-08-22
CVE-2022-44730	Apache XML Graphics Batik: Information disclosure vulnerability — Apache XML Graphics Batik	6.5	-	2023-08-22
CVE-2023-24515	Server side request forgery in api checker — Pandora FMS	5.2	Medium	2023-08-22
CVE-2023-35011	IBM Cognos Analytics server-side request forgey — Cognos Analytics	5.4	Medium	2023-08-16
CVE-2023-40033	Server-Side Request Forgery via Avatar upload in flarum — framework	7.1	High	2023-08-16
CVE-2023-3958	WP Remote Users Sync <= 1.2.12 - Authenticated (Subscriber+) Server Side Request Forgery — WP Remote Users Sync	8.5	High	2023-08-16
CVE-2023-26442	Open-Xchange AppSuite 代码问题漏洞 — OX App Suite	3.2	Low	2023-08-02
CVE-2023-26438	Open-Xchange AppSuite 跨站脚本漏洞 — OX App Suite	4.3	Medium	2023-08-02
CVE-2023-3981	Server-Side Request Forgery (SSRF) in omeka/omeka-s — omeka/omeka-s	7.5	-	2023-07-27
CVE-2023-37290	InfoDoc Document On-line Submission and Approval System - Server-Side Request Forgery (SSRF) — Document On-line Submission and Approval System	7.5	High	2023-07-20
CVE-2023-29260	IBM Sterling Connect:Express for UNIX server-side request forgery — Sterling Connect:Express for UNIX	6.5	Medium	2023-07-19
CVE-2023-3577	Limited blind SSRF to localhost/intranet in interactive dialog implementation — Mattermost	3.5	Low	2023-07-17
CVE-2023-32052	Microsoft Power Apps (online) Spoofing Vulnerability — Microsoft Power Apps	5.4	Medium	2023-07-11
CVE-2023-36925	Unauthenticated blind SSRF in SAP Solution Manager (Diagnostics agent) — SAP Solution Manager (Diagnostics agent)	7.2	High	2023-07-11
CVE-2023-3578	DedeCMS co_do.php server-side request forgery — DedeCMS	5.5	Medium	2023-07-10
CVE-2021-42079	SSRF vulnerability in OSNEXUS QuantaStor before 6.0.0.355 — QuantaStor	6.2	Medium	2023-07-10
CVE-2023-37262	CC: Tweaked SSRF to Cloud Services Metadata Services not Blocked by Default — CC-Tweaked	9.6	Critical	2023-07-07
CVE-2023-37261	OpenComputers's SSRF to cloud service metadata services and local IPv6 addresses not blocked by default — OpenComputers	9.6	Critical	2023-07-07
CVE-2023-3432	Server-Side Request Forgery (SSRF) in plantuml/plantuml — plantuml/plantuml	7.5	-	2023-06-27
CVE-2023-33176	Blind SSRF When Uploading Presentation in BigBlueButton — bigbluebutton	4.8	Medium	2023-06-26
CVE-2023-35133	Moodle: ssrf risk due to insufficient check on the curl blocked hosts	7.5	High	2023-06-22
CVE-2023-26435	Open-Xchange App Suite 代码问题漏洞 — OX App Suite	5.0	Medium	2023-06-20
CVE-2023-26431	Open-Xchange OX App Suite 代码问题漏洞 — OX App Suite	5.0	Medium	2023-06-20
CVE-2023-29292	Server Side Request Forgery (SSRF) in FedEx carrier integration configuration — Magento Commerce	4.9	Medium	2023-06-15
CVE-2023-29291	Server Side Request Forgery (SSRF) in USPS carrier integration configuration — Magento Commerce	4.9	Medium	2023-06-15
CVE-2023-3238	OTCMS server-side request forgery — OTCMS	6.3	Medium	2023-06-14
CVE-2023-3236	mccms Comic.php pic_save server-side request forgery — mccms	6.3	Medium	2023-06-14
CVE-2023-3235	mccms Comic.php pic_api server-side request forgery — mccms	6.3	Medium	2023-06-14
CVE-2023-3233	Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery — CRMEB	6.3	Medium	2023-06-14

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1481 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1481