Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Web security vulnerability
|
| gptkbp:abbreviation |
SSRF
|
| gptkbp:affects |
Web applications
|
| gptkbp:cause |
Remote code execution
Sensitive data exposure Internal network access |
| gptkbp:describedBy |
gptkb:OWASP_Top_Ten
gptkb:CWE-918 |
| gptkbp:detects |
Security testing tools
Web application firewalls |
| gptkbp:exploits |
Server trust in user-supplied URLs
|
| gptkbp:firstAppearance |
Early 2000s
|
| https://www.w3.org/2000/01/rdf-schema#label |
Server Side Request Forgery
|
| gptkbp:mitigatedBy |
Input validation
Allow-listing URLs Disabling unnecessary URL schemes |
| gptkbp:relatedTo |
gptkb:Cross-Site_Request_Forgery
Open redirect vulnerability |
| gptkbp:target |
Cloud infrastructure
Internal APIs Metadata services |
| gptkbp:bfsParent |
gptkb:OWASP_API_Security_Top_10
|
| gptkbp:bfsLayer |
7
|