Security Intel Hub 477— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Strapi SSRF Vulnerability (CVE-2021-41788) Analysis and Reproduction
github.com · 2025-05-30

### Critical Vulnerability Information #### Vulnerability Type - Server-Side Request Forgery (SSRF) in Webhook function #### Affected Versions - @strapi/admin =1.25.2 #### Description In Strapi's inte…

Videx CyberAudit-Web SSRF Vulnerability (CVE-2025-22374)
csirt.divd.nl · 2025-04-11

## Key Information - **CVE ID**: CVE-2025-22374 - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Product**: Videx Inc. CyberAudit-Web videx-legacy-ssl - **Affected Versions**:…

YouKeFu XXE Vulnerability Analysis: File Read & SSRF
github.com · 2025-04-09

From this webpage screenshot, the following key vulnerability information can be extracted: - **Project Name and URL**: - Project Name: YouKeFu (优客服) - Project URL: https://github.com/zhangyanbo2007/y…

SSRF Vulnerability in mymagicpower/AIAS AIAS
github.com · 2025-04-09

### Critical Vulnerability Information #### Vulnerability Description - **Project Name**: mymagicpower/AIAS - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected APIs**: - `/api/in…

AIAS ai_platform SSRF Vulnerability Analysis and POC
github.com · 2025-04-09

### Critical Vulnerability Information #### Vulnerability Description - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Systems**: Two APIs in the AIAS subsystem `api_platform`…

OpenShift Console SSRF Vulnerability (CVE-2024-6538)
bugzilla.redhat.com · 2024-11-26

From this webpage screenshot, we can obtain the following key information about the vulnerability: 1. **Vulnerability ID**: CVE-2024-6538 2. **Vulnerability Description**: A Server-Side Request Forger…

PostHog database_schema SSRF Information Disclosure Vulnerability (CVE-2024-9710)
www.zerodayinitiative.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: PostHog database_schema Server-Side Request Forgery Information Disclosu…

CVE-2024-11618 Unigy SSRF Vulnerability Advisory
github.com · 2024-11-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: CVE-2024-11618 - **Vulnerability Type**: Server-Side…

Red Hat OpenShift Console SSRF Vulnerability Advisory (CVE-2024-6538)
access.redhat.com · 2024-11-26

### Key Information #### Vulnerability Description - **CVE Number**: CVE-2024-6538 - **Public Disclosure Date**: November 21, 2024 - **Last Modified Date**: November 21, 2024 - **Impact Level**: Mediu…

Symfony HttpClient SSRF Fix: Enhanced Private IP Filtering in NoPrivateNetworkHttpClient
github.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Code Changes**: - The code changes occurred in the file `src/Symfony/Component/HttpClient/NoPr…

mipjz 5.0.5 SSRF Vulnerability Analysis
github.com · 2024-10-28

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Product**: mipjz - **Version**: 5.0.5 - **Source Code Link**:…

Next.js Image Optimizer SSRF Fix (#68628)
github.com · 2024-10-16

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - Vulnerability ID: #68628 - Title: `Reject next image urls in ima…

Plane SSRF via /_next/image (GHSA-39gx-38xf-c348)
github.com · 2024-10-12

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Server side request forgery via /_next/image endpoin…

CVE-2024-6763: Eclipse Jetty HttpURI SSRF via Invalid URI Authority
github.com · 2024-10-16

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: URI parsing of invalid authority - **Pu…

CVE-2024-7207 Envoy SSRF via HTTP Header Manipulation
bugzilla.redhat.com · 2024-09-21

### Bug 2300352 (CVE-2024-7207) - CVE-2024-7207 envoy: Server-side request forgery via HTTP header manipulation #### Key Information: - **Bug ID**: 2300352 - **CVE ID**: CVE-2024-7207 - **Product**: S…

lobe-chat /api/proxy SSRF Vulnerability (Critical)
github.com · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: 【Critical】/api/proxy endpoint SSRF vulnerability in …

PhpSpreadsheet XLSX SSRF and Absolute Path Traversal via php://filter (GHSA-5gpr-w2p5-6m37)
github.com · 2024-10-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Absolute path traversal and Server-Side…

Ada.cx Sentry Misconfiguration Blind SSRF
www.tenable.com · 2024-10-07

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Ada.cx SSRF via Sentry Misconfiguration 2. **Severity Level**: Low 3. **…

CVE-2024-46984: XXE leading to SSRF in de.gematik.refv.commons
github.com · 2024-09-21

### Key Information #### Vulnerability Description - **Name**: XXE vulnerability can lead to a Server Side Request Forgery attack - **Publisher**: alexey-tschudnowsky - **Publication Date**: Yesterday…

SSRF Vulnerability Fix Patch Analysis
github.com · 2024-09-24

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - A list of 6 modified files is shown, including `package.json`, `src/app/api/p…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
