
Security Test: SSRF Injection in headers

Description

Default Severity:

SSRF injection in headers occurs when a web application builds an outbound request from a value taken from an HTTP request header (for example Host, X-Forwarded-Host or Referer) without validating it. Because the attacker controls that header, they can steer the server's own request to destinations the application never intended, such as internal services or hosts behind a firewall that are unreachable from the outside. The consequences range from exposure of internal APIs and data to a foothold for further attacks. The flaw typically arises because developers validate only the obvious inputs (query and body parameters), overlook headers, or rely on network boundaries rather than input validation for protection.
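As an added illustration (not code from the original page or from the scanner this page documents), the following Python shows the pattern the check looks for, a handler that copies an upstream host out of a request header, next to a hardened version in which the header can only select an allowlisted host. The header names, the allowlist entry cdn.example.com and the probe values are all constructed for the example.

```python
from ipaddress import ip_address
from urllib.parse import urlsplit, urlunsplit

# Constructed for this example: the only upstream host the application may fetch from.
ALLOWED_FETCH_HOSTS = {"cdn.example.com"}
ALLOWED_PORTS = {None, 443}  # None means "no explicit port", i.e. the https default


def _headers(raw_headers):
    """Header names are case-insensitive; normalise the lookup key."""
    return {name.lower(): value for name, value in raw_headers.items()}


def vulnerable_build_url(raw_headers, path):
    """Vulnerable pattern: the upstream host is copied straight from a request header.

    Whatever the client puts in X-Forwarded-Host (or Host) becomes the target of a
    server-side request, so 10.0.0.5, localhost or any other internal name is accepted.
    """
    headers = _headers(raw_headers)
    host = headers.get("x-forwarded-host") or headers.get("host", "")
    return f"http://{host}{path}"


def _is_ip_literal(hostname):
    try:
        ip_address(hostname)
        return True
    except ValueError:
        return False


def safe_build_url(raw_headers, path):
    """Hardened pattern: the header may only select an allowlisted host.

    Raises ValueError for anything that is not exactly one of ALLOWED_FETCH_HOSTS,
    including IP literals, embedded credentials, smuggled path segments and odd ports.
    `path` is assumed to be application-controlled, not attacker-controlled.
    """
    headers = _headers(raw_headers)
    value = (headers.get("x-forwarded-host") or headers.get("host") or "").strip()
    # Prefix a scheme so urlsplit parses the value as an authority, which exposes
    # userinfo ("allowed@evil"), ports and smuggled path/query/fragment parts.
    parts = urlsplit(f"https://{value}")
    hostname = parts.hostname  # lowercased; brackets stripped from IPv6 literals
    if not hostname:
        raise ValueError("empty host")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in host header")
    if parts.path or parts.query or parts.fragment:
        raise ValueError("host header contains more than a host")
    if _is_ip_literal(hostname):
        raise ValueError("IP literals are not allowed; use an allowlisted name")
    if hostname not in ALLOWED_FETCH_HOSTS:
        raise ValueError(f"host {hostname!r} is not allowlisted")
    if parts.port not in ALLOWED_PORTS:  # .port itself raises ValueError for junk like ':abc'
        raise ValueError(f"port {parts.port} is not allowed")
    return urlunsplit(("https", hostname, path, "", ""))


def header_is_rejected(value):
    """True if safe_build_url refuses the given X-Forwarded-Host value."""
    try:
        safe_build_url({"X-Forwarded-Host": value}, "/avatar.png")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker-controlled header values, from benign to hostile.
    probes = ["cdn.example.com", "10.0.0.5", "localhost", "cdn.example.com@10.0.0.5",
              "cdn.example.com:8080", "cdn.example.com/../admin", "[::1]"]
    for probe in probes:
        built = vulnerable_build_url({"X-Forwarded-Host": probe}, "/avatar.png")
        verdict = "rejected" if header_is_rejected(probe) else "allowed"
        print(f"{probe:28} vulnerable -> {built:48} hardened -> {verdict}")
```

Two things the hardened version deliberately leaves out, because they need a network: resolving the allowlisted name and checking every returned address against private ranges at connect time, and disabling redirect-following in the HTTP client, since a redirect served by an allowlisted host reopens the problem.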

Configuration

Identifier: request_forgery/ssrf_header

Examples

All available configuration options:

checks:
  request_forgery/ssrf_header:
    skip: false # default

Compliance and Standards

Standard            Value
OWASP API Top 10    API10:2023
OWASP LLM Top 10    LLM06:2023
PCI DSS             6.5.1
GDPR                Article-32
SOC2                CC1
PSD2                Article-95
ISO 27001           A.14.2
NIST                SP800-53
FedRAMP             AC-4
CWE                 918
CVSS Vector         CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS Score          7.3