SSRF due to misconfiguration in OAuth Scanner
Sends a POST request with multiple POST parameters to the "/connect/register" endpoint to check for external interaction.
Short Info
Level: Medium
Type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Scan only one: Domain, IPv4
Parent Category
SSRF due to misconfiguration in OAuth Scanner Detail
Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. A successful SSRF attack can often result in unauthorized actions or access to data within the organization, either in the vulnerable application itself or on other back-end systems that the application can communicate with. In some situations, the SSRF vulnerability might allow an attacker to perform arbitrary command execution.
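The following added example (not the scanner's code) shows one way a registration endpoint such as "/connect/register" can reject URL-valued parameters that point at internal addresses before the server fetches them. The field names, the stub resolver and the sample hostnames and addresses are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: URL-valued registration fields the server may fetch. The names are
# from OpenID Connect Dynamic Client Registration; the page does not list them.
URL_FIELDS = ("logo_uri", "jwks_uri", "sector_identifier_uri", "request_uris")

# Constructed sample data: a stub resolver so the example runs offline.
SAMPLE_DNS = {"cdn.client.example": ["93.184.216.34"],
              "meta.client.example": ["169.254.169.254"]}

def sample_resolve(host):
    return SAMPLE_DNS.get(host, [])

def is_public_ip(addr):
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped:  # unwrap ::ffff:a.b.c.d
        ip = ip.ipv4_mapped
    return ip.is_global

def check_url(url, resolve):
    """Return None when the URL may be fetched, otherwise the rejection reason."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return "malformed URL"
    if parts.scheme != "https":
        return "scheme is not https"
    if not host:
        return "missing host"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # IP literal in the URL
    except ValueError:
        addrs = resolve(host)                      # hostname: check every record
    if not addrs:
        return "host does not resolve"
    bad = [a for a in addrs if not is_public_ip(a)]
    return f"non-public address {bad[0]}" if bad else None

def validate_registration(params, resolve=sample_resolve):
    """Map each rejected field to a list of (url, reason) pairs."""
    rejected = {}
    for field in URL_FIELDS:
        value = params.get(field, [])
        for url in (value if isinstance(value, list) else [value]):
            reason = check_url(url, resolve)
            if reason:
                rejected.setdefault(field, []).append((url, reason))
    return rejected
```

The component that later fetches the URL should connect to the address that was validated here, since a hostname can resolve differently between the check and the fetch.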