Server-Side Request Forgery
Server-Side Request Forgery abuses a feature where a server fetches a URL supplied by the user, coercing the server into making requests the attacker could not make directly. This can expose internal services, cloud metadata endpoints, and other resources hidden behind firewalls. SSRF has been central to several major cloud breaches and is now part of the OWASP Top 10.