CWE-918 Server-Side Request Forgery (SSRF) for DAST API

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Problem

API Security (Peach API) scanner doesn't support CWE-918 Server-Side Request Forgery (SSRF). This is a gap between API Security and ZAP.

#223783 (comment 593961506)

Proposal

  1. Create new check
  2. Unit tests
  3. Integration tests
  4. E2E Tests
  5. Java benchmark passes
Edited by 🤖 GitLab Bot 🤖