TypeScript SSRF via Unsanitized Axios

Description

Detects Server-Side Request Forgery (SSRF) vulnerabilities in Node.js/Express applications using the Axios HTTP client. This security issue occurs when user-controlled input can influence outbound HTTP requests without proper validation, potentially allowing attackers to probe internal networks or access sensitive resources.

Weakness: 100 - Server-side request forgery (SSRF)

Category: Deceptive Interactions

Detection Strategy

    Identifies HTTP client requests made using Axios where the URL or request configuration is influenced by user input

    Checks if the URL or request parameters come from request parameters, query strings, or body data without sanitization

    Reports a vulnerability when user-controlled data flows into Axios HTTP request methods (get, post, put, etc.) without proper URL validation

Vulnerable code example

const express = require('express');
const axios = require('axios');

const app = express();

app.get('/fetch', async (req, res) => {
  // User-controlled URL flows straight into the outbound request: no scheme or host check
  const url = req.query.url;
  const response = await axios.get(url);
  res.send(response.data);
});

app.listen(3000);

✅ Secure code example

const express = require('express');
const axios = require('axios');
const validUrl = require('valid-url');

const app = express();

// Define allowed domains for security
const ALLOWED_DOMAINS = ['example.com', 'api.trusted-domain.com'];
app.get('/fetch', async (req, res) => {
  const url = req.query.url;
  // Reject anything that is not a well-formed http(s) URL or whose host is not allow-listed
  if (!validUrl.isWebUri(url) || !ALLOWED_DOMAINS.includes(new URL(url).hostname)) {
    return res.status(400).send('URL not allowed');
  }
  res.send((await axios.get(url)).data);
});