Course
In this lab, the developer blocked the previous Server Side Request Forgery (SSRF) attack by restricting access to 127.0.0.1. However, this is the only block implemented, leaving the application vulnerable to alternative methods of accessing localhost.
Skills covered
Injection
Network
CWE-918
Included with PRO
Full course content
2 videos
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
