Back to CVE List

CVE-2026-9557

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
6.4 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Vulnerability Description

A Server-Side Request Forgery (SSRF) vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary internal or external destinations.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-918
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!