Data from the request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF). To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request. See https://owasp.org/www-community/attacks/Server_Side_Request_Forgery to learn more about SSRF vulnerabilities.

Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)

ssrf-injection-urllib
Data from the request object is passed to a new server-side request. This could lead to a server-side request forgery (SSRF), which could result in attackers gaining access to private organization data. To mitigate, ensure that schemes and hosts are validated against an allowlist, do not forward the response to the user, and ensure proper authentication and transport-layer security in the proxied request.

Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-918: Server-Side Request Forgery (SSRF)
OWASP:
- A10:2021 - Server-Side Request Forgery (SSRF)
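
One way to apply the mitigation above with urllib, as an added example (not code from the rule or its project): the allowlist values and the names `validate_outbound_url`, `fetch_status` and `_NoRedirect` are assumptions made for illustration. The URL is rebuilt from its parsed parts so the request goes to exactly what was validated, redirects are refused, and only the status code is returned to the caller.

```python
import urllib.request
from urllib.parse import urlsplit, urlunsplit

# Assumed allowlist for this example; replace with the hosts your service must reach.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}
ALLOWED_PORTS = {None, 443}


def validate_outbound_url(raw_url: str) -> str:
    """Return a rebuilt URL if scheme, host and port are allowlisted, else raise ValueError."""
    parts = urlsplit(raw_url)  # lowercases the scheme; .hostname is lowercased too
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        # "https://allowed-host@other-host/" parses with other-host as the real target.
        raise ValueError("userinfo not allowed in URL")
    host = parts.hostname or ""
    if host not in ALLOWED_HOSTS:  # exact match only, no suffix or substring checks
        raise ValueError(f"host not allowed: {host!r}")
    port = parts.port  # raises ValueError itself if the port is not numeric
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port!r}")
    netloc = host if port is None else f"{host}:{port}"
    # Rebuild from validated components and drop the fragment.
    return urlunsplit((parts.scheme, netloc, parts.path or "/", parts.query, ""))


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        # A redirect could leave the allowlisted host; returning None makes
        # urllib raise HTTPError instead of following it.
        return None


def fetch_status(raw_url: str) -> int:
    """Fetch an allowlisted URL and return only the status code, never the body."""
    url = validate_outbound_url(raw_url)
    opener = urllib.request.build_opener(_NoRedirect)
    with opener.open(url, timeout=5) as resp:
        return resp.status
```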