Common Weakness Enumeration

CWE-918

Allowed

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

4597 vulnerabilities reference this CWE, most recent first.

GHSA-WX2F-993H-V22P

Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30
VLAI
Details

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-8801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-25T09:29:00Z",
    "severity": "MODERATE"
  },
  "details": "GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.",
  "id": "GHSA-wx2f-993h-v22p",
  "modified": "2022-05-14T01:30:34Z",
  "published": "2022-05-14T01:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8801"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/301924"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/41642"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WXJ2-QC9P-65R3

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2024-01-30 22:27
VLAI
Summary
Jenkins Mattermost Notification Plugin vulnerable to SSRF
Details

A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.6.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:mattermost"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-1003026"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-30T22:27:01Z",
    "nvd_published_at": "2019-02-20T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.",
  "id": "GHSA-wxj2-qc9p-65r3",
  "modified": "2024-01-30T22:27:01Z",
  "published": "2022-05-13T01:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003026"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107295"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Mattermost Notification Plugin vulnerable to SSRF"
}

GHSA-WXJ7-3FX5-PP9M

Vulnerability from github – Published: 2025-06-23 15:31 – Updated: 2025-09-12 14:23
VLAI
Summary
MLFlow SSRF via gateway_proxy_handler
Details

gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mlflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0rc0"
            },
            {
              "fixed": "3.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mlflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.22.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-52967"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-23T21:22:08Z",
    "nvd_published_at": "2025-06-23T15:15:29Z",
    "severity": "MODERATE"
  },
  "details": "gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.",
  "id": "GHSA-wxj7-3fx5-pp9m",
  "modified": "2025-09-12T14:23:38Z",
  "published": "2025-06-23T15:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52967"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/issues/15944"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/pull/15970"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mlflow/mlflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/releases/tag/v2.22.2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/releases/tag/v3.1.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2025-52.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "MLFlow SSRF via gateway_proxy_handler"
}

GHSA-WXJX-R2J2-96FX

Vulnerability from github – Published: 2026-03-25 19:53 – Updated: 2026-03-25 19:53
VLAI
Summary
AVideo: Full-Read SSRF Through Unvalidated statsURL Parameter in plugin/Live/test.php
Details

Summary

The plugin/Live/test.php endpoint accepts a URL via the statsURL parameter and fetches it server-side using file_get_contents(), curl_exec(), or wget, returning the full response content in the HTML output. The only validation is a trivial regex (/^http/) that does not block requests to internal/private IP ranges or cloud metadata endpoints. The codebase provides isSSRFSafeURL() which blocks private IPs and resolves DNS to prevent rebinding, but this endpoint does not call it. An authenticated admin can read responses from cloud metadata services, internal network services, and localhost endpoints.

Details

The vulnerable code path is in plugin/Live/test.php:

User input (line 11):

$statsURL = $_REQUEST['statsURL'];
if (empty($statsURL) || $statsURL == "php://input" || !preg_match("/^http/", $statsURL)) {
    _log('this is not a URL ');
    exit;
}

The regex /^http/ only verifies the URL starts with "http" — it does not validate the host, resolve DNS, or check against private/reserved IP ranges.

Sink — file_get_contents (line 58-68):

if (ini_get('allow_url_fopen')) {
    try {
        $tmp = file_get_contents($url, false, $context);
        _log('file_get_contents:: '.htmlentities($tmp));

Sink — curl_exec (line 73-94):

} elseif (function_exists('curl_init')) {
    $ch = curl_init();
    // ...
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    // ...
    $output = curl_exec($ch);
    // ...
    _log('curl_init:: '.htmlentities($output));

Sink — wget (line 114):

if (wget($url, $filename)) {
    $result = file_get_contents($filename);
    _log('wget:: '.htmlentities($result));

All three code paths output the full response content to the user via _log(), which echoes to the HTML response (line 155-160).

The codebase provides isSSRFSafeURL() at objects/functions.php:4025 which validates URL scheme, resolves DNS hostnames to IP addresses, and blocks private/reserved IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16, and IPv6 equivalents). This function is used in 7 other endpoints including the previously-reported objects/aVideoEncoder.json.php, but plugin/Live/test.php does not call it.

Additionally, SSL certificate verification is disabled on both the file_get_contents stream context (lines 45-49) and the curl handler (lines 79-80), allowing MITM attacks against HTTPS targets.

The endpoint also lacks CSRF token validation while accepting GET requests via $_REQUEST, making it susceptible to cross-site request forgery against authenticated admins, although the CSRF-triggered variant is blind (attacker cannot read the response cross-origin).

PoC

Step 1: Authenticate as admin and obtain session cookie

# Login to obtain PHPSESSID
PHPSESSID=$(curl -s -c - 'https://target.com/objects/userLogin.json.php' \
  -d 'user=admin&pass=adminpass' | grep PHPSESSID | awk '{print $7}')

Step 2: Read AWS cloud metadata (IAM credentials)

curl -b "PHPSESSID=${PHPSESSID}" \
  'https://target.com/plugin/Live/test.php?statsURL=http://169.254.169.254/latest/meta-data/iam/security-credentials/'

Expected output: HTML page containing the full cloud metadata response including IAM role names.

Step 3: Read IAM credentials for a specific role

curl -b "PHPSESSID=${PHPSESSID}" \
  'https://target.com/plugin/Live/test.php?statsURL=http://169.254.169.254/latest/meta-data/iam/security-credentials/MyRole'

Expected output: JSON containing AccessKeyId, SecretAccessKey, and Token for the IAM role.

Step 4: Scan internal services

curl -b "PHPSESSID=${PHPSESSID}" \
  'https://target.com/plugin/Live/test.php?statsURL=http://192.168.1.1:8080/'

Expected output: Full response from internal service at 192.168.1.1:8080.

Impact

An authenticated admin can:

  • Read cloud metadata credentials: Access AWS/GCP/Azure instance metadata endpoints (169.254.169.254) to retrieve IAM credentials, instance identity tokens, and other sensitive cloud configuration.
  • Enumerate internal services: Probe internal network ranges (10.x, 172.16.x, 192.168.x) and localhost services to discover and read from services not exposed to the internet.
  • Port scan internal infrastructure: Determine which internal hosts and ports are active based on response timing and content.
  • Bypass network segmentation: Reach services behind firewalls that trust the AVideo server's IP address.

The full response disclosure (not blind) makes this a high-confidentiality-impact finding. The admin authentication requirement limits the attack surface but does not eliminate it — compromised admin accounts, insider threats, and the lack of CSRF protection all provide attack vectors.

Recommended Fix

Add isSSRFSafeURL() validation before fetching the URL. In plugin/Live/test.php, after line 15:

$statsURL = $_REQUEST['statsURL'];
if (empty($statsURL) || $statsURL == "php://input" || !preg_match("/^http/", $statsURL)) {
    _log('this is not a URL ');
    exit;
}

// Add SSRF protection
if (!isSSRFSafeURL($statsURL)) {
    _log('URL failed SSRF safety check: ' . htmlentities($statsURL));
    exit;
}

Additionally, enable SSL verification in the curl handler (lines 79-80):

// Replace:
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
// With:
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

And in the stream context (lines 45-49):

// Replace:
"ssl" => [
    "verify_peer" => false,
    "verify_peer_name" => false,
    "allow_self_signed" => true,
],
// With:
"ssl" => [
    "verify_peer" => true,
    "verify_peer_name" => true,
    "allow_self_signed" => false,
],
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "wwbn/avideo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "26.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-25T19:53:55Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nThe `plugin/Live/test.php` endpoint accepts a URL via the `statsURL` parameter and fetches it server-side using `file_get_contents()`, `curl_exec()`, or `wget`, returning the full response content in the HTML output. The only validation is a trivial regex (`/^http/`) that does not block requests to internal/private IP ranges or cloud metadata endpoints. The codebase provides `isSSRFSafeURL()` which blocks private IPs and resolves DNS to prevent rebinding, but this endpoint does not call it. An authenticated admin can read responses from cloud metadata services, internal network services, and localhost endpoints.\n\n## Details\n\nThe vulnerable code path is in `plugin/Live/test.php`:\n\n**User input (line 11):**\n```php\n$statsURL = $_REQUEST[\u0027statsURL\u0027];\nif (empty($statsURL) || $statsURL == \"php://input\" || !preg_match(\"/^http/\", $statsURL)) {\n    _log(\u0027this is not a URL \u0027);\n    exit;\n}\n```\n\nThe regex `/^http/` only verifies the URL starts with \"http\" \u2014 it does not validate the host, resolve DNS, or check against private/reserved IP ranges.\n\n**Sink \u2014 file_get_contents (line 58-68):**\n```php\nif (ini_get(\u0027allow_url_fopen\u0027)) {\n    try {\n        $tmp = file_get_contents($url, false, $context);\n        _log(\u0027file_get_contents:: \u0027.htmlentities($tmp));\n```\n\n**Sink \u2014 curl_exec (line 73-94):**\n```php\n} elseif (function_exists(\u0027curl_init\u0027)) {\n    $ch = curl_init();\n    // ...\n    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\n    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\n    // ...\n    $output = curl_exec($ch);\n    // ...\n    _log(\u0027curl_init:: \u0027.htmlentities($output));\n```\n\n**Sink \u2014 wget (line 114):**\n```php\nif (wget($url, $filename)) {\n    $result = file_get_contents($filename);\n    _log(\u0027wget:: \u0027.htmlentities($result));\n```\n\nAll three code paths output the full response content to the user via `_log()`, which echoes to the HTML response (line 155-160).\n\nThe codebase provides `isSSRFSafeURL()` at `objects/functions.php:4025` which validates URL scheme, resolves DNS hostnames to IP addresses, and blocks private/reserved IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16, and IPv6 equivalents). This function is used in 7 other endpoints including the previously-reported `objects/aVideoEncoder.json.php`, but `plugin/Live/test.php` does not call it.\n\nAdditionally, SSL certificate verification is disabled on both the `file_get_contents` stream context (lines 45-49) and the curl handler (lines 79-80), allowing MITM attacks against HTTPS targets.\n\nThe endpoint also lacks CSRF token validation while accepting GET requests via `$_REQUEST`, making it susceptible to cross-site request forgery against authenticated admins, although the CSRF-triggered variant is blind (attacker cannot read the response cross-origin).\n\n## PoC\n\n**Step 1: Authenticate as admin and obtain session cookie**\n```bash\n# Login to obtain PHPSESSID\nPHPSESSID=$(curl -s -c - \u0027https://target.com/objects/userLogin.json.php\u0027 \\\n  -d \u0027user=admin\u0026pass=adminpass\u0027 | grep PHPSESSID | awk \u0027{print $7}\u0027)\n```\n\n**Step 2: Read AWS cloud metadata (IAM credentials)**\n```bash\ncurl -b \"PHPSESSID=${PHPSESSID}\" \\\n  \u0027https://target.com/plugin/Live/test.php?statsURL=http://169.254.169.254/latest/meta-data/iam/security-credentials/\u0027\n```\n\nExpected output: HTML page containing the full cloud metadata response including IAM role names.\n\n**Step 3: Read IAM credentials for a specific role**\n```bash\ncurl -b \"PHPSESSID=${PHPSESSID}\" \\\n  \u0027https://target.com/plugin/Live/test.php?statsURL=http://169.254.169.254/latest/meta-data/iam/security-credentials/MyRole\u0027\n```\n\nExpected output: JSON containing `AccessKeyId`, `SecretAccessKey`, and `Token` for the IAM role.\n\n**Step 4: Scan internal services**\n```bash\ncurl -b \"PHPSESSID=${PHPSESSID}\" \\\n  \u0027https://target.com/plugin/Live/test.php?statsURL=http://192.168.1.1:8080/\u0027\n```\n\nExpected output: Full response from internal service at 192.168.1.1:8080.\n\n## Impact\n\nAn authenticated admin can:\n\n- **Read cloud metadata credentials:** Access AWS/GCP/Azure instance metadata endpoints (169.254.169.254) to retrieve IAM credentials, instance identity tokens, and other sensitive cloud configuration.\n- **Enumerate internal services:** Probe internal network ranges (10.x, 172.16.x, 192.168.x) and localhost services to discover and read from services not exposed to the internet.\n- **Port scan internal infrastructure:** Determine which internal hosts and ports are active based on response timing and content.\n- **Bypass network segmentation:** Reach services behind firewalls that trust the AVideo server\u0027s IP address.\n\nThe full response disclosure (not blind) makes this a high-confidentiality-impact finding. The admin authentication requirement limits the attack surface but does not eliminate it \u2014 compromised admin accounts, insider threats, and the lack of CSRF protection all provide attack vectors.\n\n## Recommended Fix\n\nAdd `isSSRFSafeURL()` validation before fetching the URL. In `plugin/Live/test.php`, after line 15:\n\n```php\n$statsURL = $_REQUEST[\u0027statsURL\u0027];\nif (empty($statsURL) || $statsURL == \"php://input\" || !preg_match(\"/^http/\", $statsURL)) {\n    _log(\u0027this is not a URL \u0027);\n    exit;\n}\n\n// Add SSRF protection\nif (!isSSRFSafeURL($statsURL)) {\n    _log(\u0027URL failed SSRF safety check: \u0027 . htmlentities($statsURL));\n    exit;\n}\n```\n\nAdditionally, enable SSL verification in the curl handler (lines 79-80):\n\n```php\n// Replace:\ncurl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);\ncurl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\n// With:\ncurl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);\ncurl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);\n```\n\nAnd in the stream context (lines 45-49):\n\n```php\n// Replace:\n\"ssl\" =\u003e [\n    \"verify_peer\" =\u003e false,\n    \"verify_peer_name\" =\u003e false,\n    \"allow_self_signed\" =\u003e true,\n],\n// With:\n\"ssl\" =\u003e [\n    \"verify_peer\" =\u003e true,\n    \"verify_peer_name\" =\u003e true,\n    \"allow_self_signed\" =\u003e false,\n],\n```",
  "id": "GHSA-wxjx-r2j2-96fx",
  "modified": "2026-03-25T19:53:55Z",
  "published": "2026-03-25T19:53:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/WWBN/AVideo/security/advisories/GHSA-wxjx-r2j2-96fx"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WWBN/AVideo/commit/c95eafbdfccd5959c546a430c32fb3b6026f39ac"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/WWBN/AVideo"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "AVideo: Full-Read SSRF Through Unvalidated statsURL Parameter in plugin/Live/test.php"
}

GHSA-WXPM-572G-X86C

Vulnerability from github – Published: 2024-10-17 18:31 – Updated: 2026-04-01 18:32
VLAI
Details

Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.7.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-49312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-17T18:15:14Z",
    "severity": "MODERATE"
  },
  "details": "Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.7.",
  "id": "GHSA-wxpm-572g-x86c",
  "modified": "2026-04-01T18:32:03Z",
  "published": "2024-10-17T18:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49312"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/edwiser-bridge/vulnerability/wordpress-edwiser-bridge-plugin-3-0-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/edwiser-bridge/wordpress-edwiser-bridge-plugin-3-0-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WXQ5-CQJ8-P4VX

Vulnerability from github – Published: 2025-07-25 06:30 – Updated: 2025-07-25 06:30
VLAI
Details

A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This affects the function getArticle of the file app/modules/api/service/gather.js. The manipulation of the argument targetUrl leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The identifier of the patch is 3ef58a50e8b3c427b03c8cf3c9e19a79aa809be6. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8133"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T06:15:24Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This affects the function getArticle of the file app/modules/api/service/gather.js. The manipulation of the argument targetUrl leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. The identifier of the patch is 3ef58a50e8b3c427b03c8cf3c9e19a79aa809be6. It is recommended to upgrade the affected component.",
  "id": "GHSA-wxq5-cqj8-p4vx",
  "modified": "2025-07-25T06:30:31Z",
  "published": "2025-07-25T06:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8133"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/commit/3ef58a50e8b3c427b03c8cf3c9e19a79aa809be6"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/issues/ICLP1K"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/yanyutao0402/ChanCMS/releases/tag/V3.1.3"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.317529"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.317529"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.619777"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-X22M-J5QQ-J49M

Vulnerability from github – Published: 2026-02-18 17:45 – Updated: 2026-03-11 20:41
VLAI
Summary
OpenClaw has two SSRF via sendMediaFeishu and markdown image fetching in Feishu extension
Details

Summary

The Feishu extension could fetch attacker-controlled remote URLs in two paths without SSRF protections:

  • sendMediaFeishu(mediaUrl)
  • Feishu DocX markdown image URLs (write/append -> image processing)

Affected versions

  • < 2026.2.14

Patched versions

  • >= 2026.2.14

Impact

If an attacker can influence tool calls (directly or via prompt injection), they may be able to trigger requests to internal services and re-upload the response as Feishu media.

Remediation

Upgrade to OpenClaw 2026.2.14 or newer.

Notes

The fix routes Feishu remote media fetching through hardened runtime helpers that enforce SSRF policies and size limits.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T17:45:12Z",
    "nvd_published_at": "2026-03-05T22:16:17Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nThe Feishu extension could fetch attacker-controlled remote URLs in two paths without SSRF protections:\n\n- `sendMediaFeishu(mediaUrl)`\n- Feishu DocX markdown image URLs (write/append -\u003e image processing)\n\n### Affected versions\n- `\u003c 2026.2.14`\n\n### Patched versions\n- `\u003e= 2026.2.14`\n\n### Impact\nIf an attacker can influence tool calls (directly or via prompt injection), they may be able to trigger requests to internal services and re-upload the response as Feishu media.\n\n### Remediation\nUpgrade to OpenClaw `2026.2.14` or newer.\n\n### Notes\nThe fix routes Feishu remote media fetching through hardened runtime helpers that enforce SSRF policies and size limits.",
  "id": "GHSA-x22m-j5qq-j49m",
  "modified": "2026-03-11T20:41:53Z",
  "published": "2026-02-18T17:45:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-x22m-j5qq-j49m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28451"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/pull/16285"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/5b4121d6011a48c71e747e3c18197f180b872c5d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.14"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-ssrf-via-feishu-extension-media-fetching"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenClaw has two SSRF via sendMediaFeishu and markdown image fetching in Feishu extension"
}

GHSA-X245-WV5C-HR8Q

Vulnerability from github – Published: 2024-04-17 15:30 – Updated: 2026-04-08 18:32
VLAI
Details

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for authenticated attackers, with contributor access and above, to make web requests to arbitrary locations originating from the web application and can be used to modify information from internal services. NOTE: This vulnerability, exploitable by contributor-level users, was was fixed in version 4.4.7. The same vulnerability was fixed for author-level users in version 4.4.8.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6805"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-17T13:15:08Z",
    "severity": "MODERATE"
  },
  "details": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for authenticated attackers, with contributor access and above, to make web requests to arbitrary locations originating from the web application and can be used to modify information from internal services. NOTE: This vulnerability, exploitable by contributor-level users, was was fixed in version 4.4.7. The same vulnerability was fixed for author-level users in version 4.4.8.",
  "id": "GHSA-x245-wv5c-hr8q",
  "modified": "2026-04-08T18:32:59Z",
  "published": "2024-04-17T15:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6805"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3070624/feedzy-rss-feeds"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/46978e1d-7adb-49f6-8e41-093f177c9a4d?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X27P-WFQW-HFCC

Vulnerability from github – Published: 2026-01-05 18:02 – Updated: 2026-01-06 15:52
VLAI
Summary
Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation
Details

The Craft CMS GraphQL save_<VolumeName>_Asset mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the _file input, specifically its url parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by providing internal IP addresses or cloud metadata endpoints as the url, forcing the server to make requests to these restricted services. The fetched content is then saved as an asset, which can subsequently be accessed and exfiltrated, leading to potential data exposure and infrastructure compromise. This exploitation requires specific GraphQL permissions for asset management within the targeted volume.

Users should update to the patched 5.8.21 and 4.16.17 releases to mitigate the issue.

References:

https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52

https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04


Required Permissions

The exploitation requires a few permissions to be enabled in the used GraphQL schema: - "Edit assets in the <VolumeName> volume" - "Create assets in the <VolumeName> volume"

Steps to Reproduce

  1. Log in to the Craft CMS control panel as an admin.

  2. Create a new volume if you haven’t yet.

  3. Create a new schema (or use the full/public schema) and enable the permissions mentioned above in the Required Permissions section.

  4. Go to GraphiQL: http://craft.local/admin/graphiql & set the created schema.

  5. Run the following GraphQL mutation to upload an Asset (Replace the <VolumeName> with your volume name):

mutation {
    save_<VolumeName>_Asset(_file: { 
        url: "http://127.0.0.1:80/index.php"
        filename: "poc.txt"
    }) {
        id
    }
}
  1. Note that the index.php response will be saved as poc.txt & its content will be accessible via the asset preview/download functionality.

  2. For the PoC, http://127.0.0.1:80/index.php was used as an example. However, the url parameter can be leveraged to target internal services, cloud metadata endpoints, or any arbitrary external URL.

Impact

Successful exploitation of this SSRF vulnerability allows attackers to access internal network resources, bypass firewall rules, and conduct network reconnaissance.

In cloud environments (AWS, GCP, Azure), this can lead to the theft of sensitive credentials (e.g., IAM roles, service account tokens) from metadata endpoints, potentially resulting in the full compromise of the underlying infrastructure and the exfiltration of sensitive data.


Users should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.

Users running Craft 3.5.0+ should update to the latest Craft 4.16.17 or 5.8.21 releases.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.8.20"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "craftcms/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0-RC1"
            },
            {
              "fixed": "5.8.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.16.16"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "craftcms/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.5.0"
            },
            {
              "fixed": "4.16.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-68437"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-05T18:02:37Z",
    "nvd_published_at": "2026-01-05T22:15:52Z",
    "severity": "MODERATE"
  },
  "details": "The Craft CMS GraphQL `save_\u003cVolumeName\u003e_Asset` mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the `_file` input, specifically its `url` parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by providing internal IP addresses or cloud metadata endpoints as the `url`, forcing the server to make requests to these restricted services. The fetched content is then saved as an asset, which can subsequently be accessed and exfiltrated, leading to potential data exposure and infrastructure compromise. This exploitation requires specific GraphQL permissions for asset management within the targeted volume.\n\nUsers should update to the patched 5.8.21 and 4.16.17 releases to mitigate the issue.\n\nReferences:\n\nhttps://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52\n\nhttps://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04\n\n---\n\n### Required Permissions\n\nThe exploitation requires a few permissions to be enabled in the used GraphQL schema:\n- \"Edit assets in the `\u003cVolumeName\u003e` volume\"\n- \"Create assets in the `\u003cVolumeName\u003e` volume\"\n\n### Steps to Reproduce\n\n1. Log in to the Craft CMS control panel as an admin.\n\n2. Create a new volume if you haven\u2019t yet.\n\n3. Create a new schema (or use the full/public schema) and enable the permissions mentioned above in the **Required Permissions** section.\n\n4. Go to **GraphiQL**: `http://craft.local/admin/graphiql` \u0026 set the created schema.\n\n5. Run the following GraphQL mutation to upload an Asset *(Replace the `\u003cVolumeName\u003e` with your volume name)*:\n\n```graphql\nmutation {\n    save_\u003cVolumeName\u003e_Asset(_file: { \n        url: \"http://127.0.0.1:80/index.php\"\n        filename: \"poc.txt\"\n    }) {\n        id\n    }\n}\n```\n\n6. Note that the `index.php` response will be saved as `poc.txt` \u0026 its content will be accessible via the asset preview/download functionality.\n\n8. For the PoC, `http://127.0.0.1:80/index.php` was used as an example. However, the `url` parameter can be leveraged to target internal services, cloud metadata endpoints, or any arbitrary external URL.\n\n## Impact\n\nSuccessful exploitation of this SSRF vulnerability allows attackers to access internal network resources, bypass firewall rules, and conduct network reconnaissance.\n\nIn cloud environments (AWS, GCP, Azure), this can lead to the theft of sensitive credentials (e.g., IAM roles, service account tokens) from metadata endpoints, potentially resulting in the full compromise of the underlying infrastructure and the exfiltration of sensitive data.\n\n---\n\nUsers should update to the patched versions (5.8.21 and 4.16.17) to mitigate the issue.\n\nUsers running Craft 3.5.0+ should update to the latest Craft 4.16.17 or 5.8.21 releases.",
  "id": "GHSA-x27p-wfqw-hfcc",
  "modified": "2026-01-06T15:52:11Z",
  "published": "2026-01-05T18:02:37Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/security/advisories/GHSA-x27p-wfqw-hfcc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68437"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/commit/013db636fdb38f3ce5657fd196b6d952f98ebc52"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/craftcms/cms"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5821---2025-12-04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation"
}

GHSA-X27V-X225-GQ8G

Vulnerability from github – Published: 2017-12-06 16:43 – Updated: 2023-08-29 15:38
VLAI
Summary
Recurly gem Server-Side Request Forgery in Resource#find method
Details

The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource#find method that could result in compromise of API keys or other critical resources.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.11.0"
            },
            {
              "fixed": "2.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "recurly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-0905"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T22:01:40Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the `Resource#find` method that could result in compromise of API keys or other critical resources.",
  "id": "GHSA-x27v-x225-gq8g",
  "modified": "2023-08-29T15:38:45Z",
  "published": "2017-12-06T16:43:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0905"
    },
    {
      "type": "WEB",
      "url": "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/288635"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/recurly/recurly-client-ruby"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/recurly/CVE-2017-0905.yml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Recurly gem Server-Side Request Forgery in Resource#find method"
}

No mitigation information available for this CWE.

CAPEC-664: Server Side Request Forgery

An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.