Fallos del tipo CWE-918
2197 resultadosCVE-2025-60319MEDIUMPerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization check in the uploadAttachByUrl API endpoint EPSS 0.2%CVE-2025-30680HIGHA Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameteEPSS 0.2%CVE-2025-31527MEDIUMWordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2023-22817MEDIUMServer-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi productsEPSS 0.2%CVE-2026-33347MEDIUMleague/commonmark has an embed extension allowed_domains bypassEPSS 0.2%CVE-2023-46945CRITICALQD 20230821 is vulnerable to Server-side request forgery (SSRF) via a crafted requestEPSS 0.2%CVE-2024-13957HIGHSSRF Server Side Request ForgeryEPSS 0.2%CVE-2026-34244MEDIUMWeblate: SSRF via Project-Level Machinery ConfigurationEPSS 0.2%CVE-2026-33440MEDIUMWeblate: Authenticated SSRF via redirect bypass of ALLOWED_ASSET_DOMAINS in screenshot URL uploadsEPSS 0.2%CVE-2025-10393MEDIUMmiurla morphic HTTP Status Code 3xx advanced-search fetchHtml server-side request forgeryEPSS 0.2%CVE-2025-9395MEDIUMwangsongyan wblog backup.go RestorePost server-side request forgeryEPSS 0.2%CVE-2026-33975HIGHtwenty-server SSRF protection bypass via IPv4-mapped IPv6 address normalizationEPSS 0.2%CVE-2020-14328—A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could EPSS 0.2%CVE-2026-57947MEDIUMPinpoint - Server-Side Request Forgery via Alarm Webhook RegistrationEPSS 0.2%CVE-2026-39965HIGHTypeBot: SSRF via Open Redirect Bypass in HTTP Request and Code BlocksEPSS 0.2%CVE-2025-10787MEDIUMMuYuCMS Add Fiend Link index.html server-side request forgeryEPSS 0.2%CVE-2026-23773MEDIUMDell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged atEPSS 0.2%CVE-2025-32358MEDIUMIn Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which are triggered as POST requests EPSS 0.2%CVE-2026-45373HIGHCodeWhale: SSRF IPV6 bypassEPSS 0.2%CVE-2026-34207HIGHTypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request ValidationEPSS 0.2%