Server Side Request Forgery (SSRF), is a recently announced series of flaws which primarily result in a web application server running as a proxy and can then be used to spoof connections to external servers or resources through a vulnerable web application.
This might seem a bit confusing at first but it’s very easy to understand, the attacker sends a request to the web application which, in return, passes on the request to external servers without enforcing proper checks on the attacker’s request.
It’s very common to see a web application these days which retrieves data in the form of images, videos, and documents through the use of user-supplied URLs. This forms the basis of SSRF in which the user-supplied URL source is not properly sanitized, or output of the response is so verbose that it can be used as an indicator to achieve different kinds of SSRF attacks, such as port scanning.
Server-Side Request Forgery is not restricted to external servers and it is possible to send requests to internal servers on a LAN as well as to the loopback address of the vulnerable web application. It is sometimes possible to mask the requests through the web application and bypass firewall restrictions.
