Attacks and Threats

What is Server-side Request Forgery (SSRF)?

Server-side Request Forgery (SSRF) is an exploit where a threat actor abuses the functionality of a server causing it to access or manipulate information that would otherwise not be accessible to the hacker. One example of a SSRF attack includes a hacker causing the server to connect to services within the organization’s infrastructure. Hackers could also force the server to connect to external systems, in order to exfiltrate data such as authorization credentials such as usernames and passwords.