| ▲ | chc4 3 hours ago | |||||||
SSRF is not just a DoS. | ||||||||
| ▲ | CodesInChaos 2 hours ago | parent [-] | |||||||
To have a significant impact SSRF needs to be combined with a second worse vulnerability: An endpoint that trusts unauthenticated requests just because they come from within the local network. Sadly several popular clouds have such a vulnerability out of the box (metadata endpoint). | ||||||||
| ||||||||