0.004 Low
EPSS
Percentile
72.9%
recurly is vulnerable to server-side request forgery (SSRF) attacks A malicious user can pass a URI from a different domain to gain access to API keys or other sensitive information.
dev.recurly.com/page/ruby-updates
github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be
hackerone.com/reports/288635