Certified Ethical Hacker v11 312-50v11 – Question223

Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url=externalsite.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server.
What is the type of attack Jason performed in the above scenario?

A.
Web server misconfiguration
B. Server-side request forgery (SSRF) attack
C. Web cache poisoning attack
D. Website defacement

Correct Answer: B