Risk of server-side request forgery detected.

Description

Using unsanitized URLs taken from the request object when retrieving data puts your application at risk of server-side request forgery (SSRF): an attacker who controls the host or path can make your server fetch internal or otherwise unintended resources. This rule checks for URLs that contain user-supplied data.

Remediations

❌ Avoid using user input in URLs:

axios.get(`https://${req.params.host}`)

✅ Use user input indirectly to form a URL:

// Pick the host from a fixed set; the request value only chooses between
// known options and is never placed in the URL itself.
var host = "default-api.com"
if (req.params.host == "something-else") {
  host = "other-api.com"
}

axios.get(`https://${host}`)
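The same idea carried a little further, as an added example that is not part of this rule's documentation: the request value is a key into a fixed allow-list map, unknown keys are rejected rather than falling back to the raw input, and the URL is assembled with `URL` so a user-controlled path cannot change the host. `UPSTREAM_HOSTS`, `resolveUpstreamUrl` and `proxyHandler` are names assumed here; `fetchFn` stands in for whatever HTTP client (e.g. axios) the handler actually uses.

```javascript
// Added example: allow-list based host selection for an outbound request.
// Constructed sample data; in a real service this map would hold the
// upstreams the application is allowed to talk to.
const UPSTREAM_HOSTS = Object.freeze({
  default: "default-api.com",
  other: "other-api.com",
});

// Returns the fully built upstream URL for an allow-listed key, or null when
// the key is unknown. The raw user value never reaches the URL: only the
// host looked up from the map does.
function resolveUpstreamUrl(hostKey, path = "/") {
  // hasOwnProperty guards against keys like "constructor" or "__proto__"
  // that would otherwise resolve through the prototype chain.
  if (!Object.prototype.hasOwnProperty.call(UPSTREAM_HOSTS, hostKey)) {
    return null;
  }
  if (typeof path !== "string") {
    return null;
  }
  // Build with the URL class: assigning pathname cannot alter the scheme or
  // host, so a path like "//attacker.example" stays on the chosen host.
  const url = new URL(`https://${UPSTREAM_HOSTS[hostKey]}`);
  url.pathname = path;
  return url.toString();
}

// Express-style handler: reject unknown keys with 400 instead of guessing.
// fetchFn(url) is assumed to return a promise of the parsed upstream body.
async function proxyHandler(req, res, fetchFn) {
  const target = resolveUpstreamUrl(req.params.host, req.query.path);
  if (target === null) {
    res.status(400).json({ error: "unknown upstream" });
    return;
  }
  const body = await fetchFn(target);
  res.status(200).json(body);
}
```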

Resources

Associated CWE

OWASP Top 10