CVE-2026-41172
Vulnerability Description
Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, an SSRF vulnerability allows a user with asset upload permission to force the server to fetch arbitrary URLs, including localhost/private network targets, and persist the response as an asset. Version 7.23.0 contains a fix.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-918
Source
NVD
Vendor
Squidex
Product
squidex
Discussion (0)
Add Comment
No comments yet. Be the first!