Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: medium
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Medium

Description

User-controlled data from HTTP requests is being passed directly to PhantomJS methods in your Express application without validation. This allows attackers to control URLs or content processed by PhantomJS, leading to server-side request forgery (SSRF).

Impact

An attacker could trick your server into making requests to internal or external systems, potentially accessing sensitive data, bypassing firewalls, or aiding in further attacks. This could lead to data breaches, exposure of internal services, or allow attackers to pivot deeper into your network.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: medium
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Medium

Description

Passing user-controlled data directly into Puppeteer methods like page.goto or page.evaluate allows attackers to make the server perform unintended actions or requests. This exposes your server to Server-Side Request Forgery (SSRF) risks if data from request bodies, headers, or query parameters is used without validation.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: high
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

User input from HTTP requests is being directly used to construct URLs for outgoing requests in Express apps. This allows attackers to control the destination of server-side HTTP requests, which is unsafe.

Impact

If exploited, attackers could make your server connect to internal systems, external malicious sites, or cloud metadata endpoints, leading to data theft, internal network scanning, or even remote code execution. This can compromise sensitive infrastructure and expose confidential information.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly to PhantomJS page methods (like open, setContent, or evaluateJavaScript) can allow attackers to control what the server accesses or executes. Without proper validation or sanitization, this creates a security risk.

Impact

If exploited, attackers could make your server request internal or external resources, potentially exposing sensitive data, accessing restricted services, or enabling further attacks such as internal network scanning or unauthorized actions on behalf of the server.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly into Puppeteer’s evaluate methods can allow attackers to execute arbitrary code in the browser context. This means user data should never be used as code or function arguments in these APIs.

Impact

If exploited, attackers could execute unauthorized scripts, potentially leading to server-side request forgery (SSRF), data theft, or manipulation of browser actions. This could compromise sensitive information, interact with internal resources, or enable further attacks against your infrastructure.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted or unvalidated user input directly to Puppeteer’s goto method can allow attackers to make the server request arbitrary URLs. This exposes the application to security risks when handling external or user-supplied links.

Impact

If exploited, attackers could force your server to make requests to internal services or malicious websites, potentially accessing sensitive data, performing unauthorized actions, or using your resources for further attacks (SSRF). This can lead to data leaks, service disruption, or exposure of internal infrastructure.
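
The validation that this entry and the Express outgoing-request entry above call for, as an added example (not code from this rule set or from Puppeteer): a URL check to run before the value reaches an HTTP client or page.goto. The names `checkOutboundUrl`, `isInternalIPv4` and `ALLOWED_HOSTS`, and the hosts in the allowlist, are assumptions made for illustration.

```javascript
// Added example. ALLOWED_HOSTS and the sample URLs are constructed for illustration.
const ALLOWED_HOSTS = new Set(['example.com', 'docs.example.com']);

// True when a canonical dotted quad is unspecified, loopback, private or link-local.
function isInternalIPv4(host) {
  const m = /^(\d+)\.(\d+)\.\d+\.\d+$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||           // link-local, where cloud metadata services live
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168);
}

// Decide whether a user-supplied URL may be handed to an HTTP client or page.goto.
function checkOutboundUrl(raw) {
  let url;
  try {
    url = new URL(String(raw));
  } catch {
    return { ok: false, reason: 'unparseable' };
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') {
    return { ok: false, reason: 'scheme' };
  }
  // "https://example.com@10.0.0.5/" connects to 10.0.0.5, not example.com.
  if (url.username || url.password) return { ok: false, reason: 'credentials' };
  // The WHATWG parser has already normalised hex/decimal IPv4 forms to a dotted quad.
  const host = url.hostname;
  if (host.startsWith('[')) return { ok: false, reason: 'ip-literal' };
  if (isInternalIPv4(host)) return { ok: false, reason: 'internal-address' };
  if (!ALLOWED_HOSTS.has(host)) return { ok: false, reason: 'host-not-allowed' };
  return { ok: true, url: url.href };
}

// Constructed inputs, one per decision path.
const SAMPLES = [
  'https://example.com/report?id=1', 'http://169.254.169.254/latest/meta-data/',
  'http://2130706433/', 'file:///etc/passwd', 'http://[::1]/',
  'https://example.com@10.0.0.5/', 'https://other.example.net/', 'not a url',
];
function classifySamples() {
  return SAMPLES.map((u) => { const r = checkOutboundUrl(u); return r.ok ? 'ok' : r.reason; });
}
console.log(classifySamples());
```

A headless browser also fetches redirects and subresources after the first URL passes, so with Puppeteer the same check belongs in a request-interception handler as well as in front of page.goto.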

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly to Puppeteer’s setContent method can allow attackers to inject malicious HTML or scripts. This exposes your application to security risks if the content is not properly validated or sanitized.

Impact

An attacker could exploit this to trigger server-side requests to arbitrary URLs, potentially accessing internal resources, leaking sensitive information, or using your server to launch further attacks. This can lead to data breaches, unauthorized actions, or system compromise.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly to Puppeteer’s evaluate methods allows attackers to inject malicious code that runs in the browser context. This can expose internal resources or sensitive data to unauthorized users.

Impact

If exploited, attackers could perform Server-Side Request Forgery (SSRF), accessing internal services, making unauthorized network requests, or leaking confidential information through your backend. This could lead to data breaches or compromise of internal infrastructure.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly into Playwright’s evaluate or evaluateHandle methods can allow attackers to execute arbitrary code in the browser context. This means user data is used in a way that could manipulate page behavior or access sensitive resources.

Impact

If exploited, attackers could make the server perform unwanted requests or interact with internal services (SSRF), potentially exposing internal data or enabling further attacks. This could compromise sensitive information or systems not intended to be accessible from the outside.

Server-Side Request Forgery (SSRF)

Property
Language: javascript
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Passing untrusted user input directly to Playwright’s setContent method can allow attackers to inject malicious HTML or scripts. This can expose your server to unexpected outbound requests or manipulation.

Impact

If exploited, attackers could trick your server into making requests to internal or external systems (SSRF), potentially gaining access to sensitive resources or enabling further attacks against your infrastructure.