SSRF attacks explained and how to defend against them

SSRF attack definition


Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that would otherwise have been made by the server has instead been forged by the attacker.

SSRF attacks are far more dangerous than cross-site request forgery (CSRF) attacks. That’s because, in a way, CSRF attacks involve an attacker hijacking a user’s web browser and performing unauthorized actions on the user’s behalf. During an active CSRF exploit, the malicious activity is triggered from the client side, and it is typically the individual user or their assets being targeted. Of course, CSRF attacks become dangerous when the targeted user has administrator privileges to the web application; in such a case the entire application could be compromised.
