Jump to content

Server-side request forgery

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Rou95 (talk | contribs) at 11:55, 28 February 2019 (References). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer security, server-side request forgery (SSRF) is a type of exploit where an attacker abuses the functionality of a server causing it to access or manipulate information in the realm of that server that would otherwise not be directly accessible to the attacker.[1]

Similar to cross-site request forgery which utilises a web client, for example, a web browser, within the domain as a proxy for attacks; an SSRF attack utilises an insecure server within the domain as a proxy.

References

  1. ^ "The Open Web Application Security Project". OWASP.org. Retrieved 23 July 2018.
Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Server-side_request_forgery&oldid=885499762"