According to Jonathan Chua, Application Security Consultant at nVisium, a Falls Church, Va.-based application security provider, “an SSRF vulnerability allows an attacker to coerce an application server into performing network requests on the attacker’s behalf. This vulnerability may allow attackers to perform malicious network requests under the context of the application server. Application servers often have access to internal network services such as databases, admin panels, and other internal services that normal application users don’t have access to.”

Read entire article here!