CWE-918

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17.

Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2.

A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.

The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users