Security Intel Hub 531— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 5.9
WSO2 SSRF and Reflected XSS Vulnerability (CVE-2025-5350) Advisory
security.docs.wso2.com · 2025-10-24

### Key Information #### Vulnerability Overview - **Vulnerability ID**: WSO2-2025-4124/CVE-2025-5350 - **Release Date**: 2025-10-24 - **Update Date**: 2025-10-24 - **Version**: 1.0.0 - **Severity**: M…

Nagios XI <5.6.11 Unauthenticated XSS and SSRF via Highcharts (CVE-2020-36862)
www.vulncheck.com · 2025-10-31

### Key Information - **Vulnerability Title**: Nagios XI < 5.6.11 Unauthenticated XSS and SSRF via Highcharts - **Severity**: MEDIUM - **Date**: October 30, 2025 - **Affected Versions**: XI < 5.6.11 -…

LocalStack 0.12.6 OS Command Injection, SSRF, and XSS Vulnerabilities Analysis (CVE-2021-32090/32091)
blog.sonarsource.com · 2025-11-09

### Key Information about the LocalStack Vulnerabilities #### Overview - **Article Title**: Hack the Stack with LocalStack: Code Vulnerabilities Explained - **Author**: Dennis Brinkrolf (Security Rese…

CVE-2022-1722: SSRF in jgraph/drawio via IPv6 link-local address bypass
huntr.dev · 2025-11-09

### Critical Vulnerability Information - **Vulnerability Name**: SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio - **CVE ID**: CVE-2022-1722 - **Vulnerability Type**: Server-Side R…

OX App Suite Vulnerability Advisory: SSRF, XSS, Info Disclosure (CVE-2019-14225/14226/14227)
seclists.org · 2025-11-09

- **Product**: OX App Suite - **Vendor**: OX Software GmbH - **Vulnerabilities**: - **Server-Side Request Forgery (CWE-918)**: - **Details**: Vulnerability in the iCal event subscription mechanism. - …

CVSS 4.0
CVE-2025-12520: WP Airbnb Review Slider SSRF to Stored XSS Vulnerability Analysis
cyberresearchhub.com · 2025-11-09

## CVE-2025-12520 - SSRF to XSS ### Affected Component - **Plugin:** WP Airbnb Review Slider - **Affected versions:** < 4.3 - **Vulnerable behavior:** - URL input is validated only by `FILTER_VALIDATE…

CVSS 7.3
Red Hat JBoss EAP 8.0.2 Security Update: SSRF/Credential Leak Fixes (CVE-2024-1233, CVE-2024-1102)
access.redhat.com · 2025-11-14

### Key Vulnerability Information #### Synopsis - **Severity**: Moderate - Update for Red Hat JBoss Enterprise Application Platform 8.0.2 Security Update #### Vulnerabilities Addressed - **CVE-2023-45…

Lichess Game Export API SSRF Vulnerability Analysis
hackerone.com · 2025-11-14

### Key Information #### Vulnerability Type - **Server-Side Request Forgery (SSRF) via Game Export API** #### Discoverer - **oblivionsage** #### Report Submission Time - **May 28, 2025, 9:36am UTC** #…

CVSS 2.0
XunRuiCMS <=4.7.1 Domain Binding SSRF Leading to Remote XSS
vuldb.com · 2025-12-05

**Vulnerability Details:** - **Title:** Sichuan Xunrui Cloud Software Development Co., Ltd xunruicms <=4.7.1 URL redirection causing remote XSS - **Description:** In the backend of the xunruicms frame…

Sonatype Nexus Repository 3.88.0 Security Update: CVE-2026-0601 XSS Fix & SSRF Mitigation
help.sonatype.com · 2026-01-20

### Critical Vulnerability Information #### Known Issues - **NuGet Search Issue**: In Sonatype Nexus Repository 3.88.0, NuGet client search requests may fail when the application runs on an embedded H…

lucy-xss-filter SSRF and Java Info Disclosure Vulnerability Analysis
github.com · 2026-01-20

### Critical Vulnerability Information #### Vulnerability Type - **SSRF (Server-Side Request Forgery)** - **Java Server-Side Java Console Information Disclosure** #### Vulnerability Trigger Conditions…

Saleor Security Configuration Guide: SSRF Protection, File Upload Restrictions, and XSS Sanitization
docs.saleor.io · 2026-01-27

## Critical Vulnerability Information - **HTTP Redirects and Timeouts** - Saleor disables HTTP redirects for outgoing connections by default and enforces strict timeout values (typically <20s). - This…

CVSS 7.1
SSRF Private Network Bypass via Numeric Address (GHSA-hgr9-frvw-5r76)
github.com · 2026-01-30

From the provided web screenshot, we can extract the following key information about the vulnerability: ### Vulnerability Summary - **Vulnerability Name**: SSRF (Server-Side Request Forgery) and priva…

CVSS 8.9
v1.1.3-alpha Security Fixes: Persistent XSS and SSRF Mitigation
github.com · 2026-02-21

## Critical Vulnerability Information ### v1.1.3-alpha (Pre-release) #### Security Fixes - **XSS Prevention**: Mitigated the primary persistent XSS risk in chat tool interfaces by eliminating unsafe r…

Premium intel
CVSS 8.8
Advanced Woo Labels Plugin Vulnerability Analysis (XSS/SSRF/RCE)
plugins.trac.wordpress.org · 2026-02-25

### Critical Vulnerability Information - **Plugin Name**: Advanced Woo Labels - **File**: `/includes/admin/class-awl-admin-ajax.php` - **Version**: 2.34 - **Last Modified**: Modified in changeset 3443…

CVSS 3.8
WordPress Plugin Bit Form SSRF Vulnerability (CVE-2024-13450) Advisory
www.wordfence.com · 2026-02-26

### Critical Vulnerability Information #### Vulnerability Summary - **CVE ID**: CVE-2024-13450 - **CVSS Score**: 3.8 (Low) - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Publication …

CVSS 5.9
Patchstack WordPress Vulnerability Database Summary (RCE/SSRF/SQLi)
patchstack.com · 2026-04-02

## Patchstack Open Source Vulnerability Database ### Vulnerability Overview This page displays **39,658+** WordPress-related vulnerabilities, covering multiple vulnerability types: - **SSRF (Server-Si…

CVSS 7.7
Open WebUI v0.8.11 Security Patch Summary: SSRF, Bypass, Session Fixation
github.com · 2026-04-02

# Open WebUI v0.8.11 Security Vulnerability Fixes Summary ## Vulnerability Overview This release fixes multiple security vulnerabilities, primarily involving **model access control bypass**, **termina…

ImEditor SSRF Vulnerability Analysis (CVSS 7.5) with POC
github.com · 2026-04-03

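# ImEditor Server-Side Request Forgery (SSRF) Vulnerability Summary ### Vulnerability Overview * **Vulnerability Name:** Server-Side Request Forgery (SSRF) Vulnerability in ImEditor #11 * **CVSS Score:** 7.5 (High) * **Description:** The `upload.php` script in ImEditor has a server-side request forgery vulnerability. An attacker can, by crafting…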

CVSS 6.1
Roundcube Webmail Security Update: SSRF, XSS, Deserialization Fixes
roundcube.net · 2026-04-03

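### Vulnerability Overview Roundcube Webmail has released security updates (versions 1.7-rc5, 1.6.14 and 1.5.14) that fix several recently reported security vulnerabilities. ### Affected Scope - Roundcube Webmail 1.6 and 1.5 LTS versions - Roundcube Webmail 1.7 release candidate (1.7-rc5) ### Remediation Upgrading immediately to the following versions is recommended to fix all known vulnerabilities: - **1.…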


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
