Server-side request forgery (SSRF) cracked the OWASP top 10 vulns list for APIs this year, and for a good reason. SRT member @kuldeepdotexe details how he found four SSRF flaws on a small attack surface. Read more in this Exploits Explained → hubs.ly/Q01_ljZ80

