CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1489

1489 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-26435	Open-Xchange App Suite 代码问题漏洞 — OX App Suite	5.0	Medium	2023-06-20
CVE-2023-26431	Open-Xchange OX App Suite 代码问题漏洞 — OX App Suite	5.0	Medium	2023-06-20
CVE-2023-29292	Server Side Request Forgery (SSRF) in FedEx carrier integration configuration — Magento Commerce	4.9	Medium	2023-06-15
CVE-2023-29291	Server Side Request Forgery (SSRF) in USPS carrier integration configuration — Magento Commerce	4.9	Medium	2023-06-15
CVE-2023-3238	OTCMS server-side request forgery — OTCMS	6.3	Medium	2023-06-14
CVE-2023-3236	mccms Comic.php pic_save server-side request forgery — mccms	6.3	Medium	2023-06-14
CVE-2023-3235	mccms Comic.php pic_api server-side request forgery — mccms	6.3	Medium	2023-06-14
CVE-2023-3233	Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery — CRMEB	6.3	Medium	2023-06-14
CVE-2023-25609	Fortinet FortiManager 代码问题漏洞 — FortiAnalyzer	4.2	Medium	2023-06-13
CVE-2023-3188	Server-Side Request Forgery (SSRF) in owncast/owncast — owncast/owncast	7.5	-	2023-06-10
CVE-2023-1895	Getwid – Gutenberg Blocks <= 1.8.3 - Authenticated(Subscriber+) Server Side Request Forgery — Getwid – Gutenberg Blocks	8.5	High	2023-06-09
CVE-2023-3121	Dahua Smart Parking Management image server-side request forgery — Smart Parking Management	3.5	Low	2023-06-06
CVE-2023-3015	yiwent Vip Video Analysis title.php server-side request forgery — Vip Video Analysis	6.3	Medium	2023-05-31
CVE-2023-2927	JIZHICMS TemplateController.php index server-side request forgery — JIZHICMS	6.3	Medium	2023-05-27
CVE-2023-33184	Blind SSRF in the Nextcloud Mail app on avatar endpoint — security-advisories	3.5	Low	2023-05-27
CVE-2023-32348	Teltonika Remote Management System 代码问题漏洞 — Remote Management System	5.8	Medium	2023-05-22
CVE-2022-29840	Server Side Request Forgery Vulnerability in Western Digital My Cloud Devices — My Cloud OS 5	5.1	Medium	2023-05-10
CVE-2023-24954	Microsoft SharePoint Server Information Disclosure Vulnerability — Microsoft SharePoint Enterprise Server 2016	6.5	Medium	2023-05-09
CVE-2023-30444	IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery — Watson Machine Learning on Cloud Pak for Data	7.1	High	2023-04-27
CVE-2022-48477	JetBrains Hub 代码问题漏洞 — Hub	4.1	Medium	2023-04-24
CVE-2023-2140	Server-Side Request Forgery vulnerability affecting DELMIA Apriso Release 2017 through Release 2022 — DELMIA Apriso	7.5	High	2023-04-21
CVE-2023-25504	Apache Superset: Possible SSRF on import datasets — Apache Superset	4.9	Medium	2023-04-17
CVE-2023-28288	Microsoft SharePoint Server Spoofing Vulnerability — Microsoft SharePoint Enterprise Server 2016	8.1	High	2023-04-11
CVE-2023-1971	yuan1994 tpAdmin Upload.php remote server-side request forgery — tpAdmin	6.3	Medium	2023-04-10
CVE-2023-29008	SvelteKit framework has Insufficient CSRF protection for CORS requests — kit	8.8	High	2023-04-06
CVE-2023-29010	BudiBase Server-Side Request Forgery vulnerability — budibase	6.5	Medium	2023-04-06
CVE-2023-28633	GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds — glpi	3.5	Low	2023-04-05
CVE-2023-1725	SSRF in Infoline Project Management System — Project Management System	9.8	Critical	2023-03-30
CVE-2023-25195	Apache Fineract: SSRF template type vulnerability in certain authenticated users — Apache Fineract	8.1	-	2023-03-28
CVE-2023-1634	OTCMS URL Parameter info_deal.php UseCurl server-side request forgery — OTCMS	6.3	Medium	2023-03-25

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1489 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1489