Description
The web application or its auxiliary systems use values taken from HTTP headers, which leads to an SSRF vulnerability. SSRF (Server-Side Request Forgery) is a vulnerability that allows an attacker to force the server into sending packets, initiated by the victim server, to the local interface or to another server behind the firewall. Consult Web References for more information about this problem.
Remediation
Properly sanitize user input and use a special sandboxed host to access remote resources.
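One way to vet a URL taken from a request header before a sandboxed fetcher is allowed to contact it, shown as an added example that is not part of the original advisory. The function names, the scheme allowlist and the constructed DNS table are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed name-to-address table standing in for DNS so the demo runs offline.
CONSTRUCTED_DNS = {
    "api.partner.example": ["93.184.216.34"],
    "intranet.example": ["10.0.0.5"],
    "mixed.example": ["93.184.216.34", "127.0.0.1"],
}

def resolve(host):
    """Default resolver: every address the name currently maps to."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})

def is_internal(addr):
    """True for loopback, private, link-local and other non-global addresses."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:a.b.c.d by its IPv4 form
    return not ip.is_global

def vet_header_url(value, resolver=resolve):
    """Return (scheme, host, port, pinned_ip) or raise ValueError."""
    if any(c.isspace() or ord(c) < 0x20 for c in value):
        raise ValueError("whitespace or control character in header value")
    parts = urlsplit(value)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError("scheme not allowed")
    if parts.username or parts.password or not parts.hostname:
        raise ValueError("missing host or embedded credentials")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    addrs = resolver(parts.hostname)
    # Reject if any record is internal, so a mixed answer cannot slip through.
    if not addrs or any(is_internal(a) for a in addrs):
        raise ValueError("host does not resolve to public addresses only")
    # The fetcher should connect to pinned_ip rather than resolving again.
    return parts.scheme, parts.hostname, port, addrs[0]

if __name__ == "__main__":
    for candidate in ("https://api.partner.example/hook", "http://intranet.example/"):
        try:
            print(candidate, "->", vet_header_url(candidate, CONSTRUCTED_DNS.get))
        except ValueError as err:
            print(candidate, "-> rejected:", err)
```

Returning the resolved address lets the fetcher connect to exactly the address that was checked, so a second lookup cannot return a different, internal answer.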
References
Cracking the lens: targeting HTTP's hidden attack-surface