Server Side Request Forgery
Server Side Request Forgery, or SSRF, occurs when an application fetches a URL or resource based on user-controlled input without strict validation. Attackers may abuse SSRF to access internal services, cloud metadata endpoints, admin panels, or restricted network resources that are not directly exposed to the internet. In enterprise environments, SSRF is a serious risk because it can lead to sensitive data exposure, internal reconnaissance, authentication bypass, or cloud compromise.
User-controlled URL Submitted → Server Sends Request → Internal Resource Accessed → Sensitive Data Risk → URL Allowlist Applied
