Jump to content

Server-side request forgery

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Mrtimuk (talk | contribs) at 10:36, 23 July 2018 (Created page with '{{computer-security-stub}} In computer security, server-side request forgery (SSRF) is a type of exploit where an attacker abuse...'). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)
Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

In computer security, server-side request forgery (SSRF) is a type of exploit where an attacker abuses the functionality of a server causing it to access or manipulate information in the realm of that server that would otherwise not be directly accessible to the attacker[1].

Similar to cross-site request forgery which utilises a web client, for example, a web browser, within the domain as a proxy for attacks; an SSRF attack utilises an insecure server within the domain as a proxy.

  1. ^ "The Open Web Applicaiton Security Project". OWASP.org. Retrieved 23 July 2018.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Server-side_request_forgery&oldid=851595345"