Server-Side Request Forgery
Make the server fetch what you can't.
Chapter 08 of the roadmap. Work through each walkthrough below, or browse every topic.
-
Server-Side Request Forgery: Accessing Internal Pages via Support Form
Exploiting a server-side request forgery vulnerability in OopsSec Store's support form to access restricted internal pages.