Common Weakness Enumeration

CWE-918

Allowed

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

4641 vulnerabilities reference this CWE, most recent first.

GHSA-QWJ2-2FWC-G58H

Vulnerability from github – Published: 2025-02-28 09:30 – Updated: 2026-04-08 21:33
VLAI
Details

The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1662"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-28T09:15:12Z",
    "severity": "MODERATE"
  },
  "details": "The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the \u0027url_media_uploader_url_upload\u0027 action. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
  "id": "GHSA-qwj2-2fwc-g58h",
  "modified": "2026-04-08T21:33:03Z",
  "published": "2025-02-28T09:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1662"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3247347%40url-media-uploader\u0026new=3247347%40url-media-uploader"
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/plugins/url-media-uploader"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8f1852-2d67-4ed9-ab3d-5b3bf4083e06?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QWQ8-4CRH-RGWQ

Vulnerability from github – Published: 2026-03-19 21:30 – Updated: 2026-03-19 21:30
VLAI
Details

Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-32169"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-19T21:17:10Z",
    "severity": "CRITICAL"
  },
  "details": "Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.",
  "id": "GHSA-qwq8-4crh-rgwq",
  "modified": "2026-03-19T21:30:25Z",
  "published": "2026-03-19T21:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32169"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32169"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QWRF-GFPJ-QVJ6

Vulnerability from github – Published: 2022-05-24 22:04 – Updated: 2022-06-08 16:30
VLAI
Summary
Smokescreen SSRF via deny list bypass (square brackets)
Details

Impact

The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure.

Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. [example.com]).

Recommendation

Upgrade Smokescreen to version 0.0.4 or later.

Acknowledgements

Thanks to Axel Chong for reporting the issue.

For more information

Email us at security@stripe.com

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/stripe/smokescreen"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-29188"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-24T22:04:04Z",
    "nvd_published_at": "2022-05-21T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure.\n\nSmokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). \n\n### Recommendation\nUpgrade Smokescreen to version 0.0.4 or later.\n\n### Acknowledgements\nThanks to [Axel Chong](https://github.com/haxatron) for reporting the issue.\n\n### For more information\nEmail us at security@stripe.com\n\n",
  "id": "GHSA-qwrf-gfpj-qvj6",
  "modified": "2022-06-08T16:30:51Z",
  "published": "2022-05-24T22:04:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/stripe/smokescreen/security/advisories/GHSA-qwrf-gfpj-qvj6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29188"
    },
    {
      "type": "WEB",
      "url": "https://github.com/stripe/smokescreen/commit/dea7b3c89df000f4072ff9866d61d78e30df6a36"
    },
    {
      "type": "PACKAGE",
      "url": "github.com/stripe/smokescreen"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Smokescreen SSRF via deny list bypass (square brackets)"
}

GHSA-QWWX-FHV3-C8Q4

Vulnerability from github – Published: 2025-12-01 00:30 – Updated: 2025-12-01 00:30
VLAI
Details

A security vulnerability has been detected in deco-cx apps up to 0.120.1. Affected by this vulnerability is the function AnalyticsScript of the file website/loaders/analyticsScript.ts of the component Parameter Handler. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 0.120.2 addresses this issue. It is suggested to upgrade the affected component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-01T00:15:46Z",
    "severity": "MODERATE"
  },
  "details": "A security vulnerability has been detected in deco-cx apps up to 0.120.1. Affected by this vulnerability is the function AnalyticsScript of the file website/loaders/analyticsScript.ts of the component Parameter Handler. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 0.120.2 addresses this issue. It is suggested to upgrade the affected component.",
  "id": "GHSA-qwwx-fhv3-c8q4",
  "modified": "2025-12-01T00:30:21Z",
  "published": "2025-12-01T00:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13796"
    },
    {
      "type": "WEB",
      "url": "https://github.com/deco-cx/apps/pull/1360"
    },
    {
      "type": "WEB",
      "url": "https://github.com/deco-cx/apps/releases/tag/0.120.2"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.333807"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.333807"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.691837"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QWXP-6QF9-WR4M

Vulnerability from github – Published: 2026-03-18 16:34 – Updated: 2026-03-20 21:28
VLAI
Summary
PinchTab has a Blind SSRF via browser-side redirect bypass in /download URL validation
Details

The /download endpoint validates only the initial URL provided by the user using validateDownloadURL() to prevent requests to internal or private network addresses.

Exploitation requires \security.allowDownload=true, which is disabled by default.

However, pages loaded by the embedded Chromium browser can trigger additional browser-side requests (for example, JavaScript redirects, navigations, or resource requests) after the initial validation step.

Because the validation is only applied to the initial URL and not to subsequent browser-issued request targets, an attacker-controlled page can cause the browser to issue requests to internal network services reachable from the PinchTab host.

This results in a blind Server-Side Request Forgery (SSRF) condition in which internal-only services may be accessed and state-changing endpoints may be triggered without returning the response body to the attacker.

Steps to Reproduce:

Environment Setup Target: PinchTab server (tested on v0.8.x, v0.7.x) Attacker-controlled server: Publicly accessible (e.g., via ngrok) attacker.py Internal service: Runs on the same host as PinchTab and is not externally accessible internal_service.py

1. Start a Local Internal Service (Victim Side)

Run a simple HTTP service bound to localhost: internal_service.py

python internal_service.py

#Example behavior of internal_service.py:
#Listens on 127.0.0.1:1337
#Exposes endpoint /increment
#Increments a counter and logs requests

#Expected output when accessed:
#COUNTER INCREMENTED: 1
#COUNTER INCREMENTED: 2

2. Host an Attacker-Controlled Page (Attacker side)

Deploy a malicious HTML page that redirects to the internal service: attacker.py

<html>
<body>
<script>
setTimeout(function(){
    window.location = "http://127.0.0.1:1337/increment";
}, 1500);
</script>
</body>
</html>

Host this page on a publicly accessible server (e.g., using ngrok): https://fcb8-180-149-93-3.ngrok-free.app

3. Trigger the Vulnerable Endpoint (Attacker side)

Send a request to the PinchTab /download endpoint:

curl "http://[server-ip]:9867/download?url=https://fcb8-180-149-93-3.ngrok-free.app"

If a server token is configured, the request must include valid authentication.

4. Observe Server-Side Request to Localhost

When PinchTab processes the request: 1. It launches a headless Chromium instance 2. The browser loads the attacker-controlled page 3. JavaScript executes within the browser 4. The browser redirects to: http://127.0.0.1:1337/increment

5. Verify the Impact

Check the output of internal_service.py: proof

COUNTER INCREMENTED: 1 proof_incremented

This confirms that the request originated from the PinchTab host and that an attacker can successfully access localhost-only internal services via the browser, despite the initial URL validation.

Impact

This vulnerability allows an attacker to bypass the /download URL validation and cause the embedded Chromium browser to make requests to internal network services. By hosting a page that performs a redirect after the initial validation, an attacker can force the browser to access resources such as 127.0.0.1 or other private network addresses reachable from the PinchTab host.

Although the response is not returned to the attacker (blind SSRF), this behavior can still be used to interact with internal services and trigger state-changing endpoints. In environments where sensitive services or cloud metadata endpoints are accessible from the host, this could lead to more serious security impact.

Mitigation

Apply the same URL safety policy to every browser-issued request in the /download flow, not only the initial user-supplied URL, and block requests to loopback, private, link-local, and other non-public network ranges inside the Chromium browser context.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.8.2"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/pinchtab/pinchtab"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-18T16:34:00Z",
    "nvd_published_at": "2026-03-20T10:16:18Z",
    "severity": "MODERATE"
  },
  "details": "### **The /download endpoint validates only the initial URL provided by the user using validateDownloadURL() to prevent requests to internal or private network addresses.**\n\nExploitation requires \\security.allowDownload=true`, which is disabled by default.`\n\nHowever, pages loaded by the embedded Chromium browser can trigger additional browser-side requests (for example, JavaScript redirects, navigations, or resource requests) after the initial validation step.\n\nBecause the validation is only applied to the initial URL and not to subsequent browser-issued request targets, an attacker-controlled page can cause the browser to issue requests to internal network services reachable from the PinchTab host.\n\nThis results in a blind Server-Side Request Forgery (SSRF) condition in which internal-only services may be accessed and state-changing endpoints may be triggered without returning the response body to the attacker.\n\n\n### **Steps to Reproduce:**\n\n**Environment Setup**\nTarget: PinchTab server (tested on v0.8.x, v0.7.x)\nAttacker-controlled server: Publicly accessible (e.g., via ngrok) [attacker.py](https://github.com/user-attachments/files/26013554/att.py)\nInternal service: Runs on the same host as PinchTab and is not externally accessible [internal_service.py](https://github.com/user-attachments/files/26013551/internal.py)\n\n**1. Start a Local Internal Service (Victim Side)**\n\nRun a simple HTTP service bound to localhost: [internal_service.py](https://github.com/user-attachments/files/26013551/internal.py)\n    \n    python internal_service.py\n    \n    #Example behavior of internal_service.py:\n    #Listens on 127.0.0.1:1337\n    #Exposes endpoint /increment\n    #Increments a counter and logs requests\n    \n    #Expected output when accessed:\n    #COUNTER INCREMENTED: 1\n    #COUNTER INCREMENTED: 2\n\n**2. Host an Attacker-Controlled Page (Attacker side)**\n\nDeploy a malicious HTML page that redirects to the internal service: [attacker.py](https://github.com/user-attachments/files/26013554/att.py)\n\n    \u003chtml\u003e\n    \u003cbody\u003e\n    \u003cscript\u003e\n    setTimeout(function(){\n        window.location = \"http://127.0.0.1:1337/increment\";\n    }, 1500);\n    \u003c/script\u003e\n    \u003c/body\u003e\n    \u003c/html\u003e\nHost this page on a publicly accessible server (e.g., using ngrok): https://fcb8-180-149-93-3.ngrok-free.app\n\n\n**3. Trigger the Vulnerable Endpoint (Attacker side)**\n\nSend a request to the PinchTab /download endpoint:\n\n    curl \"http://[server-ip]:9867/download?url=https://fcb8-180-149-93-3.ngrok-free.app\"\n\nIf a server token is configured, the request must include valid authentication.\n\n**4. Observe Server-Side Request to Localhost**\n\nWhen PinchTab processes the request:\n1. It launches a headless Chromium instance\n2. The browser loads the attacker-controlled page\n3. JavaScript executes within the browser\n4. The browser redirects to: http://127.0.0.1:1337/increment\n\n\n**5. Verify the Impact**\n\nCheck the output of internal_service.py:\n   \u003cimg width=\"718\" height=\"156\" alt=\"proof\" src=\"https://github.com/user-attachments/assets/cf00e3e6-71c6-44ae-83b0-ed819f19ee9a\" /\u003e\n\nCOUNTER INCREMENTED: 1\n   \u003cimg width=\"718\" height=\"282\" alt=\"proof_incremented\" src=\"https://github.com/user-attachments/assets/98281b8e-221b-4e76-a10b-1b2335d08c61\" /\u003e\n\n**This confirms that the request originated from the PinchTab host and that an attacker can successfully access localhost-only internal services via the browser, despite the initial URL validation.**\n\n\n### **Impact**\nThis vulnerability allows an attacker to bypass the /download URL validation and cause the embedded Chromium browser to make requests to internal network services. By hosting a page that performs a redirect after the initial validation, an attacker can force the browser to access resources such as 127.0.0.1 or other private network addresses reachable from the PinchTab host.\n\nAlthough the response is not returned to the attacker (blind SSRF), this behavior can still be used to interact with internal services and trigger state-changing endpoints. In environments where sensitive services or cloud metadata endpoints are accessible from the host, this could lead to more serious security impact.\n\n### **Mitigation**\nApply the same URL safety policy to every browser-issued request in the `/download` flow, not only the initial user-supplied URL, and block requests to loopback, private, link-local, and other non-public network ranges inside the Chromium browser context.",
  "id": "GHSA-qwxp-6qf9-wr4m",
  "modified": "2026-03-20T21:28:07Z",
  "published": "2026-03-18T16:34:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/pinchtab/pinchtab/security/advisories/GHSA-qwxp-6qf9-wr4m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33081"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pinchtab/pinchtab"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pinchtab/pinchtab/releases/tag/v0.8.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "PinchTab has a Blind SSRF via browser-side redirect bypass in /download URL validation"
}

GHSA-QX9H-856C-43J9

Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2022-05-24 17:31
VLAI
Details

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-15822"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-19T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.",
  "id": "GHSA-qx9h-856c-43j9",
  "modified": "2022-05-24T17:31:12Z",
  "published": "2022-05-24T17:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15822"
    },
    {
      "type": "WEB",
      "url": "https://blog.jetbrains.com"
    },
    {
      "type": "WEB",
      "url": "https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-QXG5-MCMP-M3M9

Vulnerability from github – Published: 2024-11-13 00:30 – Updated: 2025-11-04 00:32
VLAI
Details

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts ([]), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-11168"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T22:15:14Z",
    "severity": "MODERATE"
  },
  "details": "The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren\u0027t IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.",
  "id": "GHSA-qxg5-mcmp-m3m9",
  "modified": "2025-11-04T00:32:03Z",
  "published": "2024-11-13T00:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11168"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/issues/103848"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/pull/103849"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/634ded45545ce8cbd6fd5d49785613dd7fa9b89e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/ddca2953191c67a12b1f19d6bca41016c6ae7132"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20250411-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QXGF-HMCJ-3XW3

Vulnerability from github – Published: 2026-04-01 00:01 – Updated: 2026-04-06 22:46
VLAI
Summary
OpenClaw affected by SSRF via unguarded image download in fal provider
Details

Summary

The fal provider used raw fetches for both provider API traffic and returned image download URLs instead of the existing SSRF-guarded fetch path.

Impact

A malicious or compromised fal relay could make the gateway fetch internal URLs and expose metadata or internal service responses through the image pipeline.

Affected Component

extensions/fal/image-generation-provider.ts

Fixed Versions

  • Affected: <= 2026.3.24
  • Patched: >= 2026.3.28
  • Latest stable 2026.3.28 contains the fix.

Fix

Fixed by commit 80d1e8a11a (fal: guard image fetches).

OpenClaw thanks @AntAISecurityLab for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.24"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.28"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34504"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-01T00:01:51Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "## Summary\n\nThe fal provider used raw fetches for both provider API traffic and returned image download URLs instead of the existing SSRF-guarded fetch path.\n\n## Impact\n\nA malicious or compromised fal relay could make the gateway fetch internal URLs and expose metadata or internal service responses through the image pipeline.\n\n## Affected Component\n\n`extensions/fal/image-generation-provider.ts`\n\n## Fixed Versions\n\n- Affected: `\u003c= 2026.3.24`\n- Patched: `\u003e= 2026.3.28`\n- Latest stable `2026.3.28` contains the fix.\n\n## Fix\n\nFixed by commit `80d1e8a11a` (`fal: guard image fetches`).\n\nOpenClaw thanks @AntAISecurityLab for reporting.",
  "id": "GHSA-qxgf-hmcj-3xw3",
  "modified": "2026-04-06T22:46:03Z",
  "published": "2026-04-01T00:01:51Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-qxgf-hmcj-3xw3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34504"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/80d1e8a11a2ac118c7f7a70bba9c862b6141d928"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.28"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-unguarded-image-download-in-fal-provider"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw affected by SSRF via unguarded image download in fal provider"
}

GHSA-QXH8-5779-HG4R

Vulnerability from github – Published: 2025-10-01 06:30 – Updated: 2025-10-01 06:30
VLAI
Details

The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T04:15:59Z",
    "severity": "MODERATE"
  },
  "details": "The Block For Mailchimp \u2013 Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
  "id": "GHSA-qxh8-5779-hg4r",
  "modified": "2025-10-01T06:30:22Z",
  "published": "2025-10-01T06:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10735"
    },
    {
      "type": "WEB",
      "url": "https://plugins.svn.wordpress.org/block-for-mailchimp/tags/1.1.9/mailchimp/API.php"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3368808%40block-for-mailchimp\u0026new=3368808%40block-for-mailchimp\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/plugins/block-for-mailchimp"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51de575f-d458-4a7d-bc57-4a11e5124377?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QXP5-VJRM-298X

Vulnerability from github – Published: 2024-11-18 09:31 – Updated: 2025-06-24 18:33
VLAI
Details

Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.

This issue affects Apache OFBiz: before 18.12.17.

Users are recommended to upgrade to version 18.12.17, which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47208"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-18T09:15:06Z",
    "severity": "CRITICAL"
  },
  "details": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue.",
  "id": "GHSA-qxp5-vjrm-298x",
  "modified": "2025-06-24T18:33:08Z",
  "published": "2024-11-18T09:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47208"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/OFBIZ-13158"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11"
    },
    {
      "type": "WEB",
      "url": "https://ofbiz.apache.org/download.html"
    },
    {
      "type": "WEB",
      "url": "https://ofbiz.apache.org/security.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/11/16/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-664: Server Side Request Forgery

An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.