SSRF (Server-Side Request Forgery)

SSRF tracks one of the most critical vulnerabilities in modern cloud and AI infrastructure. This tag focuses on the mechanics of "proxying" trust— where an attacker induces a server to make unintended requests to internal-only resources like cloud metadata services (AWS IMDS), private databases, or admin planes. We prioritize the evolution of SSRF from a web-app flaw into a primary cloud-compromise vector, specifically analyzing how AI inference engines are weaponized as network primitives.